redmine-projects
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill file consists solely of documentation and configuration for Redmine integration. No malicious instructions or suspicious code patterns were found.
- [NO_CODE] (SAFE): This skill defines tool interfaces and workflows but does not include any Python, JavaScript, or shell scripts, significantly reducing the attack surface.
- [Indirect Prompt Injection] (LOW):
- Ingestion points: The tools
redmine_list_projects,redmine_get_project, andredmine_get_project_versionsingest data from an external Redmine instance (project names, descriptions, and version details). - Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are defined in the workflow documentation.
- Capability inventory: The skill documentation does not define any high-risk capabilities such as arbitrary command execution, file system writes, or external network requests beyond the intended Redmine API calls.
- Sanitization: No explicit sanitization or validation logic is mentioned for the data retrieved from Redmine.
Audit Metadata