bartender
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- SAFE (SAFE): No malicious code or patterns detected.
- NO_CODE (SAFE): The skill is a decorative Markdown definition and does not execute scripts.
- PROMPT_INJECTION (SAFE): Indirect Prompt Injection surface analysis: (1) Ingestion points: Customer dialogue via TAKE-ORDER and LISTEN methods in SKILL.md. (2) Boundary markers: Absent. (3) Capability inventory: read_file, write_file, and list_dir for managing bartender_state. (4) Sanitization: Absent. Finding is downgraded to SAFE as the tools are used for the skill's primary intended purpose (managing tabs).
Audit Metadata