discover-proxies
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No malicious instructions or attempts to bypass agent safety filters were detected.
- [Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive files, hardcode credentials, or initiate network connections.
- [Indirect Prompt Injection] (LOW): This skill directs the agent to ingest additional data from the local file system (`<cc-polymath-root>/skills/proxies/`). This increases the attack surface if those files contain malicious instructions, but is the standard behavior for a gateway skill.
  - Ingestion points: SKILL.md (references local markdown files)
  - Boundary markers: None provided in the gateway file
  - Capability inventory: File-reading via the `Read` command
  - Sanitization: Not applicable (standard documentation loading)
- [Unverifiable Dependencies] (SAFE): No external packages (npm/pip) or remote scripts are downloaded or executed.
Audit Metadata