blue-origin
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill is composed exclusively of Markdown documentation and instructions. There are no scripts (Python, JavaScript, Shell) or binaries included in the package.
- [PROMPT_INJECTION]: The system prompt in
SKILL.mdestablishes a professional 'VP of Engineering' persona. It provides domain-specific behavioral guidelines and analytical frameworks without attempting to override the agent's core safety filters or extract system instructions. - [CREDENTIALS_UNSAFE]: Analysis of all 7 files confirmed the absence of hardcoded API keys, tokens, or other credentials. Environment variables and secret management practices are not relevant here as no code is present.
- [DATA_EXFILTRATION]: No commands for network access (e.g.,
curl,wget,fetch) or sensitive file system access (e.g.,.ssh,.aws) were detected. The skill is purely informational. - [EXTERNAL_DOWNLOADS]: The skill does not reference or attempt to download any external dependencies, scripts, or remote content at runtime.
Audit Metadata