sentencepiece
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill documentation references the official Google SentencePiece repository on GitHub for C++ installation. As Google is a trusted organization, this reference is categorized as LOW per [TRUST-SCOPE-RULE].
- [COMMAND_EXECUTION] (LOW): The installation guide includes standard build commands and 'sudo make install'. These are informational instructions for manual setup and are not triggered automatically by any skill scripts.
- [PROMPT_INJECTION] (INFO): (Category 8: Indirect Prompt Injection) The skill processes untrusted text data for tokenization. 1. Ingestion points: Data input via 'SentencePieceTrainer' and 'sp.encode' calls. 2. Boundary markers: Absent. 3. Capability inventory: Pure tokenization with no network access or file system write capabilities. 4. Sanitization: Absent. The capability tier is INFO as it only influences internal reasoning and display.
Audit Metadata