sec-shenanigans-classifier
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE NO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of Markdown and YAML files. There are no scripts (Python, JS, etc.) or binaries provided in the skill package.
- [DATA_EXFILTRATION] (SAFE): No API keys, tokens, or sensitive file paths were detected. The skill has no network-enabled capabilities (curl, wget, etc.).
- [PROMPT_INJECTION] (SAFE): The instructions are strictly focused on financial taxonomy classification. No bypass commands, system prompt extraction requests, or safety-override patterns are present.
- [INDIRECT_PROMPT_INJECTION] (LOW):
  - Ingestion points: SKILL.md describes a workflow that loads external 'evidence rows' from SEC filings.
  - Boundary markers: Absent. The instructions do not specify the use of delimiters (like XML tags or triple quotes) to separate untrusted data from the agent's instructions.
  - Capability inventory: None. The skill does not possess the ability to write files, execute shell commands, or make network requests.
  - Sanitization: Absent. There is no explicit requirement to filter or escape the input data.
  - Risk Assessment: While an attacker could put instructions in an SEC filing, the agent has no tools to execute, so the impact is limited to providing a wrong classification.