subdomain-classifier
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill fulfills its stated purpose as a Domain-Driven Design assistant. All logic is transparent, and it does not request unauthorized access or attempt to execute dangerous commands.
- [PROMPT_INJECTION]: Conducted an analysis for potential indirect prompt injection surfaces (Category 8).
- Ingestion points: The skill processes external content from
subdomain-map.md,event-flow.md, andrequirements.mdto perform its classification logic. - Boundary markers: No explicit delimiters are specified in the prompt for separating ingested data from instructions.
- Capability inventory: The skill has no access to sensitive capabilities such as network exfiltration, arbitrary command execution (shell), or dynamic code evaluation.
- Sanitization: No specific validation of file content is required as the skill primarily performs text analysis and updates local markdown files.
- [EXTERNAL_DOWNLOADS]: The skill mentions well-known services like SendGrid, Auth0, and Algolia as implementation suggestions for generic subdomains. These references are documented neutrally as illustrative examples and do not involve automated network operations or downloads.
Audit Metadata