format
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill instructions and metadata are focused on providing documentation for a file format. No evidence of malicious intent, credential harvesting, or unauthorized network operations was found.\n- [COMMAND_EXECUTION]: The skill utilizes the Bash tool for the intended purpose of demonstrating how to parse NDJSON files using jq and shell commands. This execution is scoped to the tool's primary purpose.\n- [PROMPT_INJECTION]: The skill involves reading and parsing user-provided .cast files, which creates a surface for indirect prompt injection. However, as this functionality is central to the skill's purpose as a format reference, it is considered a functional risk rather than a security flaw.
Audit Metadata