tangzhan-runse-master
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): The instructions define a specific persona and formatting rules without attempting to bypass safety filters, disable constraints, or extract system prompts. Natural instructional language is used appropriately.
- [Data Exposure & Exfiltration] (SAFE): No commands or paths related to sensitive file access (~/.ssh, ~/.aws, .env) or network operations (curl, wget) were detected.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not install any packages (npm, pip) or execute remote scripts. It contains no code components.
- [Indirect Prompt Injection] (LOW): The skill processes untrusted user drafts as input.
- Ingestion points: Raw user text drafts in the '接收草稿' workflow step.
- Boundary markers: Absent; the skill does not use specific delimiters to isolate user content.
- Capability inventory: None; the skill lacks subprocess, network, or file-writing capabilities.
- Sanitization: Absent; the skill relies on the underlying LLM's safety filters.
Audit Metadata