injurious-affection-assessment
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides transparent mathematical modeling for noise, dust, and vibration impacts. No obfuscation, hardcoded credentials, or malicious prompt instructions were identified across the 32 analyzed files.
- [EXTERNAL_DOWNLOADS]: Documentation in the README indicates no external dependencies; however, the
validate_injurious.pyutility imports thejsonschemalibrary. This is a standard industry practice for input validation and does not pose a security risk in this context. - [COMMAND_EXECUTION]: The skill contains no calls to subprocesses, shell commands, or dynamic execution sinks (like
evalorexec). Operations are limited to arithmetic calculations and JSON file input/output. - [INDIRECT_PROMPT_INJECTION]: The skill presents a data ingestion surface through JSON input files.
- Ingestion points:
injurious_affection_calculator.pyandvalidate_injurious.pyread user-supplied JSON files. - Boundary markers: The
injurious_affection_input_schema.jsondefines a strict schema for all inputs, which serves as a structural boundary. - Capability inventory: No dangerous capabilities (network, shell, or file-write outside of results) were detected in any script.
- Sanitization:
validate_injurious.pyprovides robust sanitization through schema validation and explicit type conversion for all input fields.
Audit Metadata