society-of-mind
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (NO_CODE, PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [NO_CODE] (SAFE): The skill consists exclusively of YAML and Markdown documentation; no Python, JavaScript, or shell scripts are included.
- [PROMPT_INJECTION] (MEDIUM): The file 'skill-snitch-report.md' contains deceptive metadata designed to resemble an official security audit. It provides a biased 'LOW' risk rating and an 'APPROVE' verdict, which constitutes an attempt to override independent analysis (Category 7 and 8e).
- [PROMPT_INJECTION] (LOW): Category 8 surface detected. Risk is restricted to internal reasoning bias.
  1. Ingestion: 'situation' field in CARD.yml.
  2. Boundary markers: Absent in prompt templates.
  3. Capability inventory: No executable scripts or side-effects detected (no subprocess, file-write, or network calls).
  4. Sanitization: Absent.
- [EXTERNAL_DOWNLOADS] (INFO): CARD.yml links to external academic resources on mit.edu and societyofmind.com, which are categorized as trusted sources under [TRUST-SCOPE-RULE].
Audit Metadata