power-budget-calculator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill documentation identifies the use of a local Python script ('scripts/calculate_power.py') for its calculations. The execution via 'uv run' is a standard practice and is limited to the skill's own local scripts, which is safe in this context.
- [DATA_EXPOSURE] (SAFE): No sensitive file paths, environment variables, or hardcoded credentials (API keys, tokens) were detected in any of the skill's components.
- [PROMPT_INJECTION] (SAFE): The instructional content in SKILL.md is purely functional and does not contain attempts to override safety filters, manipulate agent instructions, or extract system prompts.
- [INDIRECT_PROMPT_INJECTION] (SAFE): The tool is designed to process JSON project configuration data. While this is an ingestion surface (found in 'assets/example-project.json'), there are no indicators of instruction interpolation or dangerous capabilities that could be exploited by untrusted data. [Evidence Chain: 1. Ingestion: 'assets/example-project.json' 2. Boundary markers: None 3. Capability: Local script execution 4. Sanitization: Handled by JSON parsing].
Audit Metadata