service-layer-extractor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): No instructions to override system prompts, bypass safety filters, or extract system messages were found.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths, hardcoded credentials, or unauthorized network operations are present. The code snippets provided are illustrative templates for local development.
- [Obfuscation] (SAFE): The file contains clear, readable markdown and code with no evidence of encoding (Base64), zero-width characters, or homoglyphs.
- [Unverifiable Dependencies & RCE] (SAFE): No remote script execution (curl|bash) or unauthorized package installations are defined in the skill content.
- [Persistence & Privilege Escalation] (SAFE): No commands for modifying system startup files, cron jobs, or escalating privileges (sudo/chmod) were detected.
- [Indirect Prompt Injection] (SAFE): While the skill is designed to process code for refactoring, it does not include instructions to fetch data from untrusted external URLs or APIs, limiting the exposure to injection via external data.
Audit Metadata