ai-engineer

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were identified in the skill instructions.
  • [PROMPT_INJECTION]: The skill does not contain instructions to bypass safety filters or override agent behavior. On the contrary, it explicitly directs the agent to implement guardrails against prompt injection.
  • [DATA_EXFILTRATION]: There are no hardcoded credentials, sensitive file access, or unauthorized data transmission patterns. The instructions prioritize data privacy and approval for external model calls.
  • [REMOTE_CODE_EXECUTION]: While the skill mentions tool integration including code execution, it does so in the context of agent capabilities and does not contain any autonomous remote code execution commands.
  • [INDIRECT_PROMPT_INJECTION]: The skill describes scenarios involving the processing of untrusted data (e.g., web scraping). Although this presents an attack surface, the instructions specifically mandate the implementation of safety measures, PII detection, and content moderation to address these risks.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 1, 2026, 03:42 AM
Security Audit — agent-trust-hub — ai-engineer