offer-claims-registry

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill proactively addresses potential security risks by including explicit instructions for the agent to treat all pasted or exported materials as untrusted data rather than instructions. This prevents data-driven instruction overrides.
  • [DATA_EXFILTRATION]: No evidence of unauthorized data transfer was detected. The skill is designed to operate locally on the user's project files within the memory/claims/ directory and explicitly states that no APIs are required for its operation.
  • [EXTERNAL_DOWNLOADS]: The skill references documentation and homepage links hosted on GitHub under the author's account (aaron-he-zhu). These are categorized as vendor-owned resources for the purpose of this analysis and represent standard documentation practices.
  • [INDIRECT_PROMPT_INJECTION]: The skill possesses a data-ingestion surface (processing ad drafts, marketing copy, and documents). However, it mitigates this risk through high-integrity instructions that forbid the agent from allowing input data to influence its approval logic or metadata labeling. It maintains strict schema enforcement for all written records.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 09:34 AM
Security Audit — agent-trust-hub — offer-claims-registry