data-question-framing
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script 'scripts/quick_validate_skill.py' uses subprocess.run to execute a local contract validation script ('tests/test_skill_contract.py'). This is a standard self-test mechanism for the skill's structure.
- [REMOTE_CODE_EXECUTION]: The validation script 'tests/test_skill_contract.py' utilizes the compile() function to verify the syntax of Python files within the skill folder. This function is used exclusively for static syntax checks during the validation process.
- [PROMPT_INJECTION]: The skill defines a surface for processing external stakeholder requests and local artifacts, and includes specific defenses against adversarial pressure. Ingestion points: Stakeholder requests (Required Inputs in SKILL.md) and local file artifacts (Evidence Checklist in references/playbook.md). Boundary markers: Explicit instructions in SKILL.md to 'Mark missing context as unknown', 'do not invent it', and 'treat scripts as evidence collectors, not as substitutes for judgment'. Capability inventory: The skill reads local files and metadata to generate reports; command execution is limited to internal validation scripts. Sanitization: The workflow requires a Quality Rubric check for evidence discipline and risk classification before finalizing output.
Audit Metadata