product-spec-builder
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempting to override agent behavior or bypass safety filters were detected.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths, hardcoded credentials, or network exfiltration patterns were found.
- [Obfuscation] (SAFE): No hidden or encoded content (Base64, zero-width characters, etc.) was identified.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill contains no code or scripts. No external packages are requested or downloaded.
- [Indirect Prompt Injection] (SAFE): While the templates are intended to be populated with data, the skill itself does not implement the data ingestion or processing logic, presenting no direct vulnerability surface in its current static form.
Audit Metadata