secret-code

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill executes a local shell script as part of its primary task.
  • Evidence: SKILL.md instructs the agent to execute scripts/reveal.sh.
  • Analysis: The script content is transparent and benign, only echoing a static string. It does not attempt privilege escalation, persistence, or network communication.
  • [PROMPT_INJECTION] (SAFE): The skill uses authoritative instructional language to guide the agent.
  • Evidence: SKILL.md contains phrases like 'MUST follow these exact steps' and 'IMPORTANT RULES'.
  • Analysis: This is classified as natural instructional language intended for task completion rather than an attempt to bypass safety filters or extract system prompts.
  • [DATA_EXPOSURE] (SAFE): The skill reads a local asset file.
  • Evidence: assets/secret.txt is read by the agent.
  • Analysis: The file is a local resource belonging to the skill package and contains non-sensitive data. No system files or environment variables are targeted.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:14 PM