project-qtax
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No malicious override instructions, bypass markers, or role-play jailbreak attempts were detected in the skill instructions.
- [Data Exposure & Exfiltration] (SAFE): The skill contains explicit privacy safeguards: 'Avoid collecting/storing unnecessary personal data; never request full NI number or UTR.' No hardcoded credentials or sensitive local file path access was found.
- [Indirect Prompt Injection] (LOW): The skill relies on web search results to verify volatile tax data, creating a potential surface for instructions embedded in external web content.
- Ingestion points: WebSearch tool used for fetching data from gov.uk and HMRC sites.
- Boundary markers: Absent; the skill does not explicitly instruct the agent to ignore instructions found within retrieved web content.
- Capability inventory: Primarily text generation and mathematical calculations. No evidence of high-risk capabilities like file-writing or shell execution in the analyzed file.
- Sanitization: None detected within the skill logic; relies on the underlying LLM's tool-handling guardrails.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external package installations, remote script execution patterns, or dynamic code execution (eval/exec) were detected.
- [Privilege Escalation] (SAFE): No commands related to privilege escalation (sudo, chmod) were found.