collaborating-on-design
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No patterns attempting to bypass safety filters, override system instructions, or extract system prompts were detected.
- [DATA_EXFILTRATION]: The skill performs local file scans to detect the project's programming paradigm (e.g., checking file extensions and scanning for keywords like 'class' or 'pipe'). However, there are no network operations or external communication patterns that could lead to data exfiltration.
- [REMOTE_CODE_EXECUTION]: No remote script downloads, package installations, or dynamic code execution patterns were found. The skill specifically mandates 'No code until the design is agreed.'
- [COMMAND_EXECUTION]: The skill does not use shell commands or subprocess execution. It focuses entirely on structured reasoning and documentation generation.
- [INDIRECT_PROMPT_INJECTION]: While the skill ingests external data (user arguments and project file contents), it implements a high-safety 'Human-in-the-loop' model. Each of the five levels requires explicit user approval before advancing, which mitigates the risk that instructions embedded in that data steer the agent's behavior without human review.
Audit Metadata