gate-validation
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill describes a legitimate administrative and quality assurance workflow for managing software development phases. No malicious intent or suspicious instructions were found.
- [NO_CODE]: The skill contains natural language instructions and process definitions rather than executable scripts or code files, which significantly reduces the technical attack surface.
- [PROMPT_INJECTION]: The skill defines ingestion points for untrusted data (phase_artifacts and approval_records), which represents an indirect prompt injection surface. However, the logic is restricted to structural and existence checks rather than executing the contents of these inputs, making the risk negligible.
- [DATA_EXFILTRATION]: No network operations, credential harvesting, or sensitive file path access (e.g., SSH keys, environment variables) were identified in the instructions.
Audit Metadata