review-scope
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions to bypass safety or override behavior were found.
- [Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive files or use network tools to exfiltrate data.
- [Indirect Prompt Injection] (SAFE): Ingestion points: local source files via Read, Grep, and Glob tools; Boundary markers: none; Capability inventory: local read-only discovery (Grep, Git metadata); Sanitization: none. The risk is minimized by the skill's reliance on objective classification criteria like file counts.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No remote scripts or third-party packages are downloaded or executed.
Audit Metadata