skill-judge
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No malicious override or bypass instructions detected. The trigger phrases and evaluation logic are standard instructional content for the agent.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or network operations found. The skill does not transmit data externally.
- [Remote Code Execution] (SAFE): No external dependencies, package installations, or remote script calls detected. The skill claims to be self-contained.
- [Indirect Prompt Injection] (SAFE): The skill analyzes external SKILL.md files, which are untrusted data. However, since the skill has no capability to execute code, write to the filesystem, or make network requests, there is no viable attack surface for an indirect injection to exploit.
Audit Metadata