skills/buiducnhat/co-drew/cd-ask/Gen Agent Trust Hub

cd-ask

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is designed purely for structured dialogue and information gathering. It does not contain any executable code, shell commands, or tool invocations that could pose a security risk.- [DATA_EXPOSURE]: Although the skill mentions loading project context, it operates within the agent's standard environment and does not attempt to read sensitive system files (e.g., SSH keys, credentials) or send data to external URLs.- [INDIRECT_PROMPT_INJECTION]: The skill processes user input and project documentation. While this represents a surface for indirect prompt injection, the skill's strict instructions to only ask questions and avoid implementation significantly mitigate the potential impact of adversarial content embedded in the ingested data.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 11:23 AM
Security Audit — agent-trust-hub — cd-ask