mpep-search

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were identified in the skill instructions or implementation code. The skill is restricted to searching a local corpus of legal documents.
  • [DATA_EXFILTRATION]: The skill accesses local index and metadata files (e.g., mpep_index.faiss, mpep_metadata.json) within the project's directory. This is expected behavior for its primary function and does not involve exfiltration of sensitive user data.
  • [COMMAND_EXECUTION]: While the code references a setup script (python install.py) in an error message, it does not execute the command automatically. It requires the user to manually perform the installation, maintaining human-in-the-loop control.
  • [PROMPT_INJECTION]: The skill includes input validation for search queries and section numbers, reducing the surface for injection. It does not contain instructions that attempt to bypass safety filters or override agent constraints.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 11:28 AM