Skills
skills/willoscar/research-units-pipeline-skills/terminology-normalizer/Gen Agent Trust Hub

terminology-normalizer

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [Prompt Injection] (SAFE): The skill uses instructional role-play (Taxonomist, Integrator) to define behavior. No malicious override or safety bypass patterns were detected.
  • [Data Exposure & Exfiltration] (SAFE): The skill operates on local project files and declares no network access. No interaction with sensitive system files or credentials was found.
  • [Indirect Prompt Injection] (LOW): The skill reads and modifies output/DRAFT.md, creating a surface for indirect prompt injection if the draft contains malicious instructions. However, the risk is minimized by strict output constraints. Ingestion points: output/DRAFT.md, outline/outline.yml, outline/taxonomy.yml. Boundary markers: Absent. Capability inventory: File-write (output/DRAFT.md). Sanitization: Absent.
  • [Remote Code Execution] (SAFE): No remote scripts, external dependencies, or dynamic code execution methods are used.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:04 PM