ai-act-compliance
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized resource access attempts were found. The skill operates purely through textual reasoning and reading its own provided reference files.
- [PROMPT_INJECTION]: The skill is designed to process untrusted user-supplied data (AI system descriptions). While this creates a surface for indirect prompt injection, the risk is mitigated by the skill's lack of executable tools, network capabilities, or file-system write permissions.
  - Ingestion points: User-provided system_description, role, and sector inputs in SKILL.md and ssl.json.
  - Boundary markers: Absent in the reasoning templates.
  - Capability inventory: No code execution, network operations, or sensitive file access across all 15 reference files and the entry point.
  - Sanitization: No explicit sanitization of user input is performed before interpolation into reasoning prompts.
Audit Metadata