riverflow-2-partners-api
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- No Code (SAFE): The skill consists entirely of Markdown instructions and metadata without any scripts, binaries, or package dependencies.
- Indirect Prompt Injection (LOW): The skill encourages processing user-supplied data (excerpts/payloads). Evidence: 1. Ingestion points: User-provided excerpts or payloads (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: No dangerous operations or code detected in this skill. 4. Sanitization: Absent. While a surface exists, the lack of executable capabilities makes the impact negligible.
Audit Metadata