nutmeg-heal
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Analysis of the skill instructions and metadata reveals no signs of malicious intent, prompt injection, or unauthorized data exfiltration. The skill focuses on developer productivity for data engineering tasks.
- [INDIRECT_PROMPT_INJECTION]: The skill facilitates processing data from external websites and APIs (Ingestion points:
WebFetch,WebSearchtools mentioned inSKILL.md). It addresses potential risks by including a dedicated security section that instructs the agent to treat external data as untrusted, validate schemas (Sanitization), and avoid executing any discovered code (Boundary markers). These precautions are documented alongside the agent's standard tool capabilities (Capabilities:Bash,Write,ReadinSKILL.md).
Audit Metadata