Regulatory Review
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill is composed exclusively of markdown files (.md). No Python scripts, JavaScript, shell scripts, or binaries are present. There is no logic for runtime execution or environment interaction.
- [PROMPT_INJECTION] (SAFE): The instructions in
SKILL.mddefine structured output formats and research dimensions. No patterns were found that attempt to override AI safety constraints, extract system prompts, or bypass behavioral guidelines. - [DATA_EXFILTRATION] (SAFE): No code patterns involving network requests (e.g., curl, fetch), credential access, or sensitive file system operations were detected. The skill operates purely as a static reference for regulatory frameworks.
- [INDIRECT_PROMPT_INJECTION] (INFO): The skill is designed to analyze external data (regulatory text). While it lacks explicit boundary markers for untrusted input, it possesses no exploitable capabilities (no write operations, no shell access, no network egress) that would allow an injection to manifest as a security threat. Its impact is limited to the formatting of displayed summaries.
Audit Metadata