stress-testing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- PROMPT_INJECTION (SAFE): No malicious instruction patterns or bypass attempts were found in the skill content.- REMOTE_CODE_EXECUTION (SAFE): No executable code, scripts, or external dependency definitions (e.g., package.json or requirements.txt) are included.- DATA_EXFILTRATION (SAFE): No hardcoded credentials or patterns for data exfiltration were identified.- INDIRECT_PROMPT_INJECTION (LOW): The skill is designed to ingest untrusted data (plans and proposals) and uses tools like WebFetch. Evidence: 1. Ingestion: Reads user plans and web content. 2. Boundary markers: Absent. 3. Capability inventory: Read, Glob, Grep, WebFetch, WebSearch. 4. Sanitization: Absent. As no high-risk write or execution capabilities are present, the severity remains low.- NO_CODE (SAFE): The skill consists entirely of instructional markdown and configuration metadata.
Audit Metadata