afa-diagnose
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves a legitimate business purpose, providing a framework for full-funnel diagnosis and root cause analysis in a DTC context. Its instructions are highly structured and focused on data-driven reasoning.
- [SAFE]: No evidence of data exfiltration or unauthorized network access was found. The skill suggests that users manually retrieve data from official marketing and e-commerce platforms (Shopify, Meta Ads, Google Ads, etc.) rather than attempting automated access.
- [SAFE]: No obfuscation techniques, such as Base64 encoding of commands, zero-width characters, or homoglyph substitutions, were identified in the analyzed files.
- [SAFE]: The skill does not attempt to execute remote code or install unverifiable dependencies. All logic is contained within the markdown-based instruction set and framework references.
- [SAFE]: The skill uses local files (e.g., brand-master.md, products.md) for context as part of its primary utility. While this creates a surface for indirect prompt injection, the risk is negligible as the skill is designed to analyze this data specifically to assist the user, and no dangerous system-level capabilities (like arbitrary code execution) are defined in the skill.
Audit Metadata