concept-cartographer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): The instructions use standard natural language for task definition. There are no attempts to bypass safety filters, extract system prompts, or override agent behavior.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths, environment variables, or hardcoded credentials were found. The skill does not perform any network operations.
- [Remote Code Execution] (SAFE): No package installations (npm/pip) or remote script downloads (curl/wget) are present.
- [Indirect Prompt Injection] (LOW): The skill is designed to process untrusted external data (technical notes and documentation). While it does not define explicit boundary markers for this data, its only output is Mermaid diagram syntax. It lacks the capabilities (like file writing or shell access) to be used as a vector for privilege escalation or data exfiltration.
- [Obfuscation] (SAFE): No Base64, zero-width characters, or encoded strings were detected.
Audit Metadata