deepchat-settings
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions designed to override agent behavior, bypass safety filters, or extract system prompts were detected. The skill's instructional language is focused solely on operational constraints.
- [Indirect Prompt Injection] (SAFE): The skill accepts user-driven input but includes significant mitigations. (1) Ingestion points: user requests for setting modifications in chat. (2) Boundary markers: explicit instructions to activate only for DeepChat application settings and to ignore system or editor settings. (3) Capability inventory: limited to UI preference tools (toggle, language, theme, font size). (4) Sanitization: mandatory exclusion of high-risk settings such as API keys, file paths, and provider configurations from automated modification.
- [Data Exposure & Exfiltration] (SAFE): There is no evidence of hardcoded credentials, access to sensitive local file paths (e.g., SSH keys, env files), or unauthorized network operations to external domains.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not install external packages or download/execute remote scripts. All functionality is handled via internal predefined tools.
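The indirect-prompt-injection mitigations listed above (boundary marker, capability inventory, exclusion of high-risk settings) amount to an allowlist gate in front of the settings tools. The following is an added example written for this page, not code from the deepchat-settings skill or from DeepChat: the setting names (`ui.theme`, `ui.fontSize`, ...), the value ranges, the `deepchat` target label and the deny-list regex are all assumptions chosen for illustration. It shows the order of checks that matters: scope first, deny list before allowlist, and a per-setting value validator so that an allowed key cannot carry an arbitrary value.

```python
"""Allowlist gate for agent-driven settings changes (illustrative, assumed names)."""
import re
from dataclasses import dataclass

# Capability inventory (assumed names): each permitted setting maps to a validator
# that returns the normalised value or raises ValueError / TypeError.
def _bool(v):
    if isinstance(v, bool):
        return v
    s = str(v).strip().lower()
    if s in ("on", "true", "1", "yes", "enable", "enabled"):
        return True
    if s in ("off", "false", "0", "no", "disable", "disabled"):
        return False
    raise ValueError(f"not a boolean: {v!r}")

def _theme(v):
    s = str(v).strip().lower()
    if s not in ("light", "dark", "system"):
        raise ValueError(f"unknown theme: {v!r}")
    return s

def _language(v):
    s = str(v).strip()
    if not re.fullmatch(r"[a-z]{2,3}(-[A-Za-z]{2,4})?", s):
        raise ValueError(f"not a language tag: {v!r}")
    return s

def _font_size(v):
    n = int(v)                      # raises ValueError/TypeError on junk input
    if not 8 <= n <= 32:
        raise ValueError(f"font size out of range: {n}")
    return n

ALLOWED = {
    "ui.theme": _theme,
    "ui.language": _language,
    "ui.fontSize": _font_size,
    "ui.soundEffects": _bool,
    "ui.notifications": _bool,
}

# Deny list (assumed patterns): the classes of settings the audit says must never
# be modified automatically: credentials, file paths, provider/endpoint config.
DENY = re.compile(r"(api[_-]?key|secret|token|path|dir|provider|endpoint|base[_-]?url|proxy)", re.I)

@dataclass(frozen=True)
class Decision:
    allowed: bool
    key: str
    value: object = None
    reason: str = ""

def validate_change(target: str, key: str, value) -> Decision:
    """Decide whether an agent may apply `key = value` to `target` settings."""
    # Boundary marker: only DeepChat application settings are in scope; a request
    # aimed at system or editor settings is refused before anything else is looked at.
    if target != "deepchat":
        return Decision(False, key, reason=f"out of scope target: {target}")
    # Deny list runs before the allowlist so a high-risk key is refused with an
    # explicit reason even if someone later widens ALLOWED with a careless prefix match.
    if DENY.search(key):
        return Decision(False, key, reason="high-risk setting excluded from automation")
    validator = ALLOWED.get(key)
    if validator is None:
        return Decision(False, key, reason="not in capability inventory")
    try:
        return Decision(True, key, validator(value))
    except (ValueError, TypeError) as exc:
        return Decision(False, key, reason=f"invalid value: {exc}")

def apply_batch(requests):
    """Run a batch of (target, key, value) tuples and return the decisions."""
    return [validate_change(*r) for r in requests]

if __name__ == "__main__":
    # Constructed sample batch, as if extracted from a chat turn that mixes
    # legitimate preference changes with an injected attempt to reach a key and a path.
    sample = [
        ("deepchat", "ui.theme", "Dark"),
        ("deepchat", "ui.fontSize", "14"),
        ("deepchat", "ui.fontSize", "400"),
        ("deepchat", "providers.openai.apiKey", "sk-..."),
        ("deepchat", "storage.dataPath", "/etc"),
        ("system", "ui.theme", "dark"),
    ]
    for d in apply_batch(sample):
        print("ALLOW" if d.allowed else "DENY ", d.key, d.value if d.allowed else d.reason)
```

Values are normalised by the validator (so `"Dark"` becomes `"dark"` and `"14"` becomes the integer `14`) before they reach any settings tool, which keeps the tool itself from having to interpret free text.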
Audit Metadata