improving-skill-definition

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements strong protection against indirect prompt injection by repeatedly instructing all components to treat audited content as evidence rather than authoritative instructions.
  • [SAFE]: Network access is strictly limited by policy to reputable platforms like GitHub and GitLab for research purposes, and results are marked with provenance to ensure the user can distinguish between local and external information.
  • [SAFE]: A hard approval gate is enforced in Phase 5, requiring explicit user selection of specific findings before any file mutations are permitted.
  • [SAFE]: The skill includes a 'validation' phase that compares edited files against a baseline snapshot to ensure no unapproved changes or boundary violations occurred.
  • [SAFE]: File access is restricted to the 'skills/' directory and explicitly blocks sensitive paths such as secrets, private configurations, and version control metadata (.git).
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 06:40 AM
Security Audit — agent-trust-hub — improving-skill-definition