validate-skill
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill references various prompt injection strings (e.g., 'ignore previous instructions') within its security audit definitions. These are provided as reference data to detect vulnerabilities in other files and are not instructions for the agent's own behavior.
- [COMMAND_EXECUTION]: A shell fork bomb pattern is included in the security check documentation as a detection signature. This is used solely for pattern matching during the validation process and is not an executable command.
- [DATA_EXPOSURE]: The skill mentions sensitive system paths and credential directories (e.g., ~/.ssh/, ~/.gnupg/) as part of its criteria for auditing other skills. It does not contain instructions to access, read, or exfiltrate data from these locations.
Audit Metadata