pinia-colada
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- SAFE (SAFE): No malicious patterns or security risks were identified. The skill is purely instructional and advisory in nature.
- Tool Access (LOW): The skill uses a restricted set of tools (
Read,Grep,Glob) for codebase exploration. These are read-only operations, adhering to the principle of least privilege. - Indirect Prompt Injection (INFO): The skill processes untrusted user code via its allowed tools. However, because the skill has no 'write' or 'execute' capabilities (no shell access, no network requests), it cannot be leveraged to perform unauthorized actions even if malicious instructions were embedded in the analyzed code.
Audit Metadata