strategy-advisor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [No Code] (SAFE): The skill consists entirely of Markdown instructions and persona definitions. There are no scripts, binaries, or configuration files that execute logic on the host system.
- [Data Exposure & Exfiltration] (SAFE): No network operations (curl, wget, fetch) or sensitive file path references were detected. The skill does not access local files or environment variables.
- [Remote Code Execution] (SAFE): There are no patterns involving the download or execution of remote scripts or packages. No package managers (pip, npm) or dynamic execution (eval, exec) are used.
- [Prompt Injection] (SAFE): The instructions define a helpful strategic persona without attempting to override system safety guidelines, disable filters, or extract system prompts.
- [Indirect Prompt Injection] (LOW): The skill processes user-supplied business scenarios. While it lacks explicit boundary markers for untrusted data, the skill has no functional capabilities (network, file-write, subprocesses) to exploit, neutralizing the risk of a successful injection attack.
Audit Metadata