search-platform
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious behaviors, hidden commands, or unauthorized data access patterns were identified in the skill metadata or instructions.
- [NO_CODE]: The skill consists entirely of markdown-based instructions and does not include any Python scripts, Node.js code, or other executable files.
- [PROMPT_INJECTION]: No instructions were found that attempt to override system safety filters or extract internal configuration. The skill has an indirect injection surface as it maps untrusted user input (e.g., platform names) to tool parameters (ingestion points in SKILL.md) without explicit boundary markers. However, its capability is limited to invoking the nova_search_platform tool, and no sanitization is provided in the static instructions.
- [DATA_EXFILTRATION]: The skill does not access sensitive local files or hardcode credentials; it facilitates searching product metadata via an intended platform interface.
Audit Metadata