funnel-validator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- NO_CODE (SAFE): The skill consists entirely of Markdown text and a JSON manifest. No Python scripts, JavaScript files, or shell commands are included or referenced for execution.
- DATA_EXFILTRATION (SAFE): No network operations (curl, wget, fetch) or sensitive file path access (SSH keys, AWS credentials) were detected in the instructions.
- PROMPT_INJECTION (SAFE): There are no attempts to override system prompts, bypass safety filters, or use 'jailbreak' style roleplay instructions.
- Indirect Prompt Injection (SAFE): While the skill processes user-provided funnel data, it lacks capabilities (e.g., file-write, network-send, code-exec) to exploit.
- Ingestion points: User-provided text regarding funnel descriptions or URLs.
- Boundary markers: None explicitly defined.
- Capability inventory: No executable capabilities or tool-use identified.
- Sanitization: None identified; the agent relies on internal safety guardrails for text processing.
Audit Metadata