health-human-factors
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill contains a defensive instruction labeled 'Prompt injection boundary' that explicitly directs the agent to treat all content read from the repository (source files, markup, etc.) as data to be analyzed rather than instructions to be followed. This is a security best practice designed to neutralize indirect prompt injection attempts.
- [DATA_EXFILTRATION]: No network capabilities or exfiltration patterns were detected. The skill is strictly limited to producing structured design reports and does not access sensitive local credentials or configuration files.
- [COMMAND_EXECUTION]: There is no evidence of shell command execution, subprocess spawning, or system-level interaction. The skill focuses entirely on design evaluation and text-based reporting.
- [EXTERNAL_DOWNLOADS]: The skill does not reference or download any external packages, scripts, or remote resources. All design guidelines and example reports are contained within the skill's own directory structure.
Audit Metadata