building-with-llms
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW (NO_CODE)
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to bypass safety filters or override system constraints. The content is purely educational.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network operations were detected.
- Obfuscation (SAFE): No Base64, zero-width characters, homoglyphs, or other encoding techniques were found.
- Unverifiable Dependencies & RCE (SAFE): The skill does not include any scripts, package managers, or remote execution commands.
- Privilege Escalation (SAFE): No commands related to elevated permissions (e.g., sudo, chmod) are present.
- Persistence Mechanisms (SAFE): No attempts to modify system startup or configuration files were detected.
- Indirect Prompt Injection (SAFE): While the skill advises on how to process LLM inputs, it does not define any automated ingestion surfaces or tool-calling capabilities that could be exploited by untrusted data. It lacks the 'write' or 'execute' capabilities required for a high-risk surface.
- Dynamic Execution (SAFE): No use of eval, exec, or runtime compilation was found.