godot-composition
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): The content is strictly focused on Godot game development architecture and does not contain any instructions to override agent behavior, bypass safety filters, or disclose system prompts.
- [Data Exposure & Exfiltration] (SAFE): There are no references to sensitive file paths, environment variables, or hardcoded credentials. No network operations (curl, wget, or HTTP requests) are present.
- [Remote Code Execution] (SAFE): No remote scripts are downloaded or executed. The skill does not install any external packages or call shell interpreters on external content.
- [Obfuscation] (SAFE): No encoded strings, zero-width characters, or homoglyphs were detected. The content is clear and human-readable.
- [Indirect Prompt Injection] (SAFE): The skill serves as a static instructional guide for the agent and does not provide tools or mechanisms to ingest or process untrusted external data.
- [Privilege Escalation & Persistence] (SAFE): No commands related to administrative privileges (sudo) or system persistence (cron, registry) are present.
Audit Metadata