consultancy-practices
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): Instructions are strictly professional and follow the intended consultancy persona without bypassing safety guidelines.
- [Data Exposure & Exfiltration] (SAFE): No sensitive data access or network exfiltration patterns detected.
- [Indirect Prompt Injection] (LOW): The skill defines a surface for ingesting untrusted project files for assessment (e.g., 'client-project/'), which is a standard feature for this use case but carries an inherent surface for indirect injection.
- [Command Execution] (SAFE): Code examples illustrate high-level agent coordination tasks rather than dangerous system-level command execution.
Audit Metadata