exploratory-testing-advanced
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to bypass safety filters or override agent behavior.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network exfiltration patterns detected.
- Obfuscation (SAFE): Content is clear and readable; no Base64, zero-width characters, or homoglyphs identified.
- Unverifiable Dependencies & Remote Code Execution (SAFE): No external package installations or remote script executions (e.g., curl|bash) found.
- Privilege Escalation (SAFE): No administrative commands or permission modifications (e.g., sudo, chmod) present.
- Persistence Mechanisms (SAFE): No attempts to modify startup scripts or scheduled tasks.
- Metadata Poisoning (SAFE): Metadata fields are descriptive and contain no hidden instructions.
- Indirect Prompt Injection (LOW): While the skill involves processing external software data, it lacks the system-level capabilities (file writing, shell access) required for an exploit surface.
- Time-Delayed / Conditional Attacks (SAFE): No logic found that gates behavior based on time or environment conditions.
- Dynamic Execution (SAFE): No use of eval(), exec(), or unsafe deserialization; code blocks are illustrative only.
Audit Metadata