best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [PROMPT_INJECTION] (SAFE): The skill does not contain instructions designed to override system prompts or bypass safety filters.
- [DATA_EXFILTRATION] (SAFE): No network tools or commands capable of data transmission were identified.
- [REMOTE_CODE_EXECUTION] (SAFE): The manifest does not reference any external scripts, remote downloads, or package dependencies.
- [COMMAND_EXECUTION] (SAFE): No usage of subprocesses, shell commands, or dangerous eval-like functions was found.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill's primary function is to ingest code via 'fs_read' for analysis. While this is an untrusted data source, the skill lacks the capabilities (write/network) to act maliciously on instructions embedded in that data.
Audit Metadata