url-orchestrator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): No instructions to override behavior or bypass safety filters were found. Instructional language like 'CRITICAL' or 'HARD BANS' is correctly used to emphasize technical governance rules within the context of the skill.
- Data Exposure & Exfiltration (SAFE): No access to sensitive file paths, hardcoded credentials, or unauthorized network operations are present in any of the files.
- Unverifiable Dependencies & RCE (SAFE): The skill does not include any commands for external package installation or remote script execution.
- Obfuscation (SAFE): No hidden characters, encoded strings, or homoglyphs were identified during analysis.
- Indirect Prompt Injection (SAFE): The skill serves as a static knowledge base for the agent. It does not ingest or process untrusted external data in a way that triggers side effects like file writing or code execution.
Audit Metadata