clarity-analyzer
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: A thorough review of the skill's instructions and metadata confirms the absence of malicious code, obfuscation, or unauthorized access attempts.
- [DATA_EXFILTRATION]: The skill is designed to read local CSV files and present the analysis results directly to the user in the console. There are no mechanisms for automated data transmission to external servers or third-party APIs.
- [PROMPT_INJECTION]: The skill ingests data from external CSV files, which constitutes a potential surface for indirect prompt injection. This risk is assessed as safe because the skill environment lacks high-privilege capabilities, such as network access or arbitrary code execution, that could be exploited. (Ingestion points: CSV files described in Step 1; Boundary markers: Absent; Capability inventory: File read access; Sanitization: Absent)
- [EXTERNAL_DOWNLOADS]: The skill includes an informational reference to the official Microsoft Clarity MCP server on GitHub. This is a link to a well-known service from a trusted organization and is intended for optional user-driven data retrieval rather than automated background downloads.
Audit Metadata