spice-acceleration
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- No Code Detected (SAFE): This skill consists entirely of YAML configuration examples and Markdown documentation. It does not include any executable scripts (Python, JavaScript, etc.) or binary files.
- Data Handling (SAFE): The skill demonstrates how to configure data ingestion from external sources like PostgreSQL and S3. All examples use non-sensitive placeholders or standard authentication methods (e.g., IAM roles), with no hardcoded credentials or suspicious network calls detected.
- Indirect Prompt Injection Surface (LOW): 1. Ingestion points: Data is ingested from external databases (postgres:my_table) and cloud storage (s3://my_bucket/snapshots/) as defined in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: All scripts/configs across the skill indicate capabilities for local file writes for data acceleration and executing SQL for retention policies (retention_sql). 4. Sanitization: Absent.
Audit Metadata