unpoly-rails
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions to override agent behavior or bypass safety filters were found in the skill definitions or reference files.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file path access, or unauthorized network operations were detected. Domain references are limited to official documentation (unpoly.com) and source repositories (github.com).
- [Obfuscation] (SAFE): All provided code snippets and documentation are in plain, human-readable text without any signs of encoding or hidden characters.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill references the legitimate
unpoly-railsRuby gem and theunpolynpm package. No suspicious remote script execution patterns (e.g., piped curl-to-bash) are present. - [Indirect Prompt Injection] (SAFE): The skill functions as a documentation reference. While it processes developer-provided code snippets during interaction, it lacks high-risk capabilities like writing to files or making network requests based on that input.
- [Command Execution] (SAFE): No shell commands or subprocess executions are defined within the skill.
Audit Metadata