providers
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified. The skill's operations are confined to documentation search and comparison using specific MCP tools, which is consistent with its stated purpose.- [PROMPT_INJECTION]: The skill exhibits a standard architectural surface for indirect prompt injection as it processes data from external football documentation sources.
- Ingestion points: External documentation retrieved via the mcp__football-docs__search_docs tool and the local personalization file .nutmeg.user.md.
- Boundary markers: None present in the instructions to delimit external data.
- Capability inventory: The skill is limited to reading files and searching documentation; it lacks tools for shell execution, file system modification, or network exfiltration.
- Sanitization: No sanitization or validation of the retrieved documentation is implemented.
Audit Metadata