sherpa
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No attempts to bypass safety filters or override system instructions were detected. The skill uses structured instructions to guide the agent through its intended workflow without interfering with underlying safety protocols.
- [DATA_EXFILTRATION]: No sensitive file paths, hardcoded credentials, or unauthorized network operations were identified. The skill does not access local sensitive data or attempt to send information to external servers.
- [REMOTE_CODE_EXECUTION]: No patterns of remote script execution or package installation from untrusted sources were found. The skill is purely instructional and does not invoke shell commands or download external executable content.
- [OBFUSCATION]: No encoded strings, hidden characters, or homoglyph-based obfuscation techniques were detected in any of the skill files.
- [COMMAND_EXECUTION]: The skill does not use shell execution features or administrative commands. The mentioned tools (TaskCreate, TaskUpdate) are part of the documented platform environment for task management and are used as intended.
- [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or private keys were found. Environment variables or secrets are not mishandled.
Audit Metadata