skill-acquisition
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No patterns detected that attempt to bypass safety guidelines or override agent behavior.
- Data Exposure & Exfiltration (SAFE): No instructions for accessing sensitive files (e.g., credentials) or making external network calls.
- Obfuscation (SAFE): The content is clear and lacks any encoded or hidden sequences.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill references only local maintenance scripts and does not download or execute remote code.
- Privilege Escalation (SAFE): No commands are present that request elevated system permissions.
- Persistence Mechanisms (SAFE): No attempts to create scheduled tasks or modify shell profiles.
- Metadata Poisoning (SAFE): Metadata accurately reflects the skill's administrative purpose.
- Indirect Prompt Injection (SAFE): While the skill defines a workflow for processing user goals into documentation, this is its primary intended use and does not introduce specific exploit surfaces.
- Time-Delayed / Conditional Attacks (SAFE): No logic is present that triggers actions based on external conditions or time.
- Dynamic Execution (SAFE): No runtime code compilation or unsafe data deserialization found.
Audit Metadata