content-hash-cache-pattern
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): No external packages or remote scripts are requested. All imports (
hashlib,pathlib,dataclasses,json,typing) are part of the Python Standard Library. - [COMMAND_EXECUTION] (SAFE): The skill contains no
subprocess,os.system, or shell-level command execution logic. - [DATA_EXFILTRATION] (SAFE): No network operations (
requests,curl,socket) are present. Data access is restricted to local file reading for hashing and local JSON writing for caching. - [FALSE_POSITIVE_ALERT] (INFO): The automated security alert regarding
logger.infois a false positive. The scanner misidentified the standard Python logging method (logger.info) as a malicious domain due to the.infoTop-Level Domain (TLD). - [INDIRECT_PROMPT_INJECTION] (LOW): While the skill processes external file data (ingestion points), it only performs SHA-256 hashing and standard JSON serialization. It does not interpolate untrusted data into LLM prompts or execute it as code.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata