Skills
skills/sebastian-software/forschungszulage-skill/forschungszulage/Gen Agent Trust Hub

forschungszulage

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: No evidence of malicious instructions or bypass attempts. The skill maintains a consistent expert persona focused on German tax law and does not contain directives to ignore safety filters or reveal system prompts.
  • [DATA_EXFILTRATION]: No sensitive data exposure or exfiltration patterns detected. The skill does not use network tools or attempt to access local credentials, environment variables, or private files. It mentions a legitimate government portal (portal.bescheinigung-forschungszulage.de) for user reference only.
  • [OBFUSCATION]: The skill and its reference documents consist of clear, human-readable German text and standard Markdown. No Base64, zero-width characters, homoglyphs, or encoded payloads were found.
  • [REMOTE_CODE_EXECUTION]: No remote code execution patterns were detected. The skill does not attempt to download or execute external scripts, binary files, or unverifiable packages during runtime.
  • [COMMAND_EXECUTION]: The skill does not utilize any shell command execution tools or subprocesses. Its operations are limited to natural language processing and mathematical calculations within the chat environment.
  • [PRIVILEGE_ESCALATION]: The skill does not request or attempt to acquire elevated system privileges (sudo, admin) or modify system configurations.
  • [PERSISTENCE]: No persistence mechanisms, such as modifications to shell profiles, cron jobs, or startup services, are present in the skill's instructions.
  • [INDIRECT_PROMPT_INJECTION]: While the skill is designed to ingest and analyze user-provided application texts (ingestion point in SKILL.md 'Workflow: Antrag pruefen'), it lacks any exploitable capabilities such as file system access, network operations, or shell execution. Consequently, the risk of cross-domain instruction injection is negligible. No boundary markers or sanitization logic are explicitly defined, but the absence of tools renders the surface safe.
  • [DYNAMIC_EXECUTION]: The skill contains no dynamic code generation, unsafe deserialization (pickle/yaml), or runtime compilation patterns.
  • [DYNAMIC_CONTEXT_INJECTION]: No use of dynamic command execution syntax (!command) was found in the SKILL.md file or supporting references.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 26, 2026, 06:19 PM