eval-session-scorecard
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions found that attempt to bypass safety filters or override agent behavior.
- [Data Exposure & Exfiltration] (SAFE): No evidence of credential exposure or unauthorized data transmission.
- [Indirect Prompt Injection] (LOW): The skill processes untrusted conversation transcripts. While an attacker could embed instructions in the transcript data, the skill's strict JSON output requirement and lack of dangerous capabilities (like shell access or network requests) mitigate the risk. Evidence: SKILL.md (Workflow section) ingests external transcripts.
- [Remote Code Execution] (SAFE): No remote scripts or package installations detected.
- [No Code] (SAFE): The skill consists entirely of markdown and YAML configuration without any logic scripts or binary files.
Audit Metadata