agent-code-generator
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill instructions do not contain any patterns attempting to override safety guidelines or bypass system constraints. Regarding potential indirect prompt injection: 1. Ingestion points: user intent analyzed in SKILL.md; 2. Boundary markers: absent; 3. Capability inventory: none (no scripts, subprocesses, or network tools); 4. Sanitization: absent. The absence of executable capabilities renders the ingestion surface safe.
- [DATA_EXFILTRATION]: No sensitive file paths are accessed and no network transmission commands are present in the skill instructions.
- [REMOTE_CODE_EXECUTION]: The skill contains no scripts or code. The installation command in the metadata performs a standard download of a markdown file without execution.
- [EXTERNAL_DOWNLOADS]: The skill metadata specifies a download from a public GitHub repository, but it targets only a non-executable markdown file.
Audit Metadata