fit-scorer

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a local Python utility (youtube.py) to fetch engagement metrics. This execution is performed using the plugin's internal script directory and is limited to gathering specific influencer data points.
  • [SAFE]: Data operations are restricted to the memory/ path, ensuring that influencer profiles and scoring reports are handled according to the agent's state model.
  • [SAFE]: The skill processes social media content to evaluate engagement quality. Ingestion occurs via the youtube.py script or user input; while no explicit boundary markers or sanitization are defined for this data, the skill's structured evaluation framework mitigates risks associated with indirect prompt injection.
  • [SAFE]: No malicious patterns such as prompt injection, obfuscation, or unauthorized exfiltration were identified. The skill's behavior matches its stated purpose and the author's known profile.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 09:34 AM
Security Audit — agent-trust-hub — fit-scorer