skill-check
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [DATA_EXFILTRATION] (SAFE): The skill is specifically designed to prevent data exposure. It identifies sensitive file paths, credentials, and PII within other skills. No evidence of malicious exfiltration or unauthorized network activity was found.\n- [PROMPT_INJECTION] (SAFE): Instructions are focused on diagnostic validation. No override markers, jailbreak attempts, or safety bypass patterns were detected.\n- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes external content (the skills it is checking), which is a prerequisite for indirect prompt injection. \n
- Ingestion points: Reads
SKILL.mdand associated reference files during validation.\n - Boundary markers: None explicitly defined in documentation.\n
- Capability inventory: Limited to reporting issues and providing a quality checklist; no automated write/execute capabilities shown in provided files.\n
- Sanitization: Not specified. The risk is minimized by the skill's display-only nature.\n- [EXTERNAL_DOWNLOADS] (LOW): The documentation suggests the user install the BFG Repo-Cleaner via Homebrew for remediation. This is a trusted external tool and a manual user action, not an automated process within the skill.
Audit Metadata