xstate-v5
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- PROMPT_INJECTION (SAFE): The instructions provided in
AGENTS.mdand thedefault_promptinagents/openai.yamlare purely instructional for the specific task of XState design. There are no attempts to bypass safety filters, extract system prompts, or override core agent behavior. - DATA_EXFILTRATION (SAFE): No sensitive file paths, hardcoded credentials, or network operations were detected. The skill operates within the context of the agent's response.
- EXTERNAL_DOWNLOADS (SAFE): While the
README.mddescribes how to install the skill using a system-level Python script, the skill itself does not perform any remote downloads or executions at runtime. - INDIRECT PROMPT INJECTION (INFO): The skill is designed to process user-provided state machine descriptions and code for review. While this constitutes an attack surface for indirect prompt injection, the skill's capabilities are limited to generating text (Markdown) and do not include high-risk operations like file writing or command execution. It is classified as INFO/LOW risk based on its limited capability tier.
Audit Metadata