writing-north-star-metrics
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions found that attempt to bypass safety filters or override system behavior. The content is focused on providing frameworks for business metrics.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths, hardcoded credentials, or external network requests were detected. The skill only provides text-based advice.
- [Remote Code Execution] (SAFE): No download commands (curl, wget) or execution of external scripts or packages were found. The skill does not include a
package.jsonorrequirements.txt. - [Indirect Prompt Injection] (SAFE): While the skill is designed to process user input regarding their product metrics, it lacks any functional capabilities (such as shell access, file writing, or network operations) that could be exploited even if a user provided malicious data.
- [No Code] (SAFE): The skill consists entirely of Markdown instructions and lacks any executable scripts or binary files, significantly reducing the attack surface.
Audit Metadata