librarian
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill instructions define a librarian persona with systematic frameworks for information organization. No attempts to override agent safety protocols, extract system prompts, or bypass ethical guidelines were identified.
- [DATA_EXFILTRATION]: No sensitive data exposure or exfiltration patterns were found. The skill does not access private file paths (e.g., .ssh, .env), nor does it perform network operations to non-whitelisted or suspicious domains.
- [REMOTE_CODE_EXECUTION]: There are no patterns of remote script execution or unverifiable dependency installation. The skill does not use functions like eval() or subprocess.run() with external inputs.
- [COMMAND_EXECUTION]: No shell commands, privilege escalation attempts, or persistence mechanisms (e.g., modifying cron or bash profiles) were identified within the skill or its references.
- [EXTERNAL_DOWNLOADS]: No suspicious external downloads or references to untrusted third-party scripts were found. All referenced URLs are internal to the skill package.
- [SAFE]: The content is entirely in plain text with no obfuscation (e.g., Base64, zero-width characters). While the main skill file contains a workflow section describing a financial audit (referencing 'fraud risks' and 'audit teams'), this is clearly a benign template artifact and poses no security risk.
Audit Metadata