Levy
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access behaviors were detected.
- [NO_CODE]: The skill is strictly informational and contains no executable scripts or programming code.
- [PROMPT_INJECTION]: Instructions include clear role-based boundaries and defensive principles to ensure the agent does not provide specific tax advice or bypass safety guidelines.
- [DATA_EXFILTRATION]: The skill contains explicit prohibitions against storing or transmitting sensitive user identifiers, and lacks the network capabilities required for exfiltration.
- [SAFE]: Regarding Indirect Prompt Injection (Category 8), the ingestion points are user tax questions and financial data, while boundary markers consist of mandatory tax disclaimers. The capability inventory is empty as no scripts or external calls exist, and sanitization is enforced by instructions to not record PII in logs.
Audit Metadata