zhin-adapter-development
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Category 1: Prompt Injection] (SAFE): No instructions designed to override system prompts, bypass safety filters, or extract internal configuration were found.
- [Category 2: Data Exposure & Exfiltration] (SAFE): Credential fields in the code examples use obvious placeholders like 'bot-token-1' and 'bot-token-here'. No patterns involving the unauthorized reading of sensitive files or exfiltration to external domains were detected.
- [Category 4: Unverifiable Dependencies] (SAFE): The imports for '@zhin.js/core' and 'zhin.js' are standard for the Zhin framework identified in the metadata. No suspicious third-party package installations or remote script executions were identified.
- [Category 8: Indirect Prompt Injection] (SAFE): While the documentation describes how to ingest external message data, the skill itself is a static instructional resource and does not expose a live data-processing surface for the agent.
- [Category 10: Dynamic Execution] (SAFE): The use of 'Adapter.register' and tool execution patterns are standard architectural features of the documented framework and do not involve unsafe runtime code generation from untrusted sources.
Audit Metadata