owasp-llm-top-10
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill contains examples of adversarial prompts (e.g., 'Ignore previous instructions'). However, these are provided exclusively as documentation of 'Wrong' patterns for educational purposes and do not attempt to override the agent's actual system prompt or safety filters.
- [Data Exposure & Exfiltration] (SAFE): No patterns for accessing sensitive files (e.g., .ssh, .env) or performing network requests were detected. The skill is entirely static content.
- [Obfuscation] (SAFE): No use of Base64, zero-width characters, homoglyphs, or other encoding techniques to hide malicious intent was found.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not include any dependency files (requirements.txt, package.json) or commands to download/execute remote scripts.
- [Dynamic Execution] (SAFE): While the skill contains Python code snippets illustrating security concepts, these are contained within markdown blocks for reference only. There are no actual script files or 'eval/exec' calls that execute code at runtime.
Audit Metadata