methodology
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- Prompt Injection (SAFE): No evidence of behavioral overrides, safety bypasses, or jailbreak attempts.
- Data Exposure & Exfiltration (SAFE): The skill lacks any network-facing tools (curl, wget) or commands to access sensitive local files.
- Remote Code Execution (SAFE): No scripts, external dependencies, or dynamic execution patterns are present.
- Indirect Prompt Injection (SAFE): 1. Ingestion points: The skill accepts input via '$ARGUMENTS' in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: None (no code, no network, no file access). 4. Sanitization: Not applicable for text-only output. Although the skill processes untrusted input, it has zero system-level capabilities to exploit.
- General (SAFE): The skill is a pure markdown instructional template with no logic or side effects.
Audit Metadata