personize-diagnostics
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill does not contain any malicious code, obfuscation, or unauthorized data exfiltration patterns.
- [DATA_EXPOSURE]: The skill correctly uses environment variables (e.g.,
PERSONIZE_SECRET_KEY,TRIGGER_SECRET_KEY) to manage sensitive credentials, which is the recommended security practice for SDK integrations. - [EXTERNAL_DOWNLOADS]: The skill references the official
@personize/sdkand@trigger.dev/sdk. These are trusted libraries from the primary vendor and a well-known automation service, respectively. - [INDIRECT_PROMPT_INJECTION]: The skill involves reading data from external memory stores to verify system health. While processing untrusted external data is an inherent surface for indirect prompt injection, this skill operates as a diagnostic tool where inspecting such data is the primary intended function. There is no evidence of unsafe command execution or privilege escalation tied to this data processing.
Audit Metadata