behavioral-modes
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [PROMPT_INJECTION] (SAFE): The skill uses instructional keywords like 'CRITICAL' and 'IMPORTANT' to define internal logic and formatting constraints. These are legitimate task instructions and do not attempt to bypass system safety filters or extract system prompts.- [DATA_EXFILTRATION] (SAFE): No network-capable tools (curl, wget, fetch) or exfiltration patterns were detected. The allowed tools (Read, Glob, Grep) are restricted to local file system access.- [INDIRECT_PROMPT_INJECTION] (LOW): \n
- Ingestion points: The skill is designed to analyze external data in 'REVIEW', 'DEBUG', and 'TEACH' modes (e.g., processing a pull request or error logs).\n
- Boundary markers: While the skill specifies output styles, it lacks explicit instructions for the agent to ignore control instructions embedded within the code or text being analyzed.\n
- Capability inventory: The skill's impact is mitigated by its limited toolset (Read, Glob, Grep) which prevents the agent from executing code found in the data.\n
- Sanitization: No sanitization logic for untrusted input is provided.- [NO_CODE] (SAFE): This skill consists entirely of markdown instructions (Prompt-based) and does not include any Python scripts, Node.js packages, or binary executables.
Audit Metadata