css-modern
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions attempting to override agent behavior or bypass safety filters were found in the skill or documentation.
- Data Exposure & Exfiltration (SAFE): The skill does not access sensitive local files, contains no hardcoded credentials, and performs no network operations.
- Remote Code Execution (SAFE): The included Python script
scripts/validate.pyperforms local structure and YAML validation. It usesyaml.safe_load()for security and does not execute external commands or download remote content. - Obfuscation (SAFE): No encoded strings, zero-width characters, or other obfuscation techniques were detected.
- Indirect Prompt Injection (SAFE): The skill uses a strict enum for its primary parameter (
feature), significantly limiting the surface area for processing untrusted data.
Audit Metadata