ip-evaluator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions to override system prompts or bypass safety filters were found.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network operations (curl, wget, etc.) are present.
- Remote Code Execution (SAFE): No external script downloads, package installations, or dynamic execution patterns were detected.
- Indirect Prompt Injection (LOW): While the skill processes untrusted input data (novel descriptions and market data), it lacks any executable tools, shell access, or system capabilities (allowed-tools: []), making the risk of exploitation negligible.
- Command Execution (SAFE): No shell commands or subprocess calls are present in any of the skill files.
Audit Metadata