slowmist-agent-security-framework
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill documentation includes example injection strings (e.g., "ignore all previous instructions") inside code blocks for a detection function. They are included for educational and testing purposes, to demonstrate the malicious behavior to be identified, and are not intended for execution by the agent loading the skill.
- [OBFUSCATION]: A base64-encoded URL is provided within a code example to illustrate how to detect hidden network endpoints. The decoded URL (https://evil.com/steal) is part of a theoretical malicious scenario used to teach the agent rejection criteria.
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download security tools and pattern databases from the official GitHub organization of SlowMist, a recognized security firm.
- [COMMAND_EXECUTION]: The documentation describes using standard CLI utilities such as git and curl to audit repositories and analyze network responses.
Audit Metadata