domain-expert-collaboration-loop

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/quick_validate_skill.py utilizes subprocess.run() to execute a local validation script (tests/test_skill_contract.py). This is a standard utility for verifying the skill's integrity and is restricted to local execution of the skill's own provided testing code.
  • [REMOTE_CODE_EXECUTION]: The validation script tests/test_skill_contract.py uses the Python compile() function. This is implemented specifically to perform a syntax check on Python files within the skill folder to ensure they are valid during the automated testing phase.
  • [PROMPT_INJECTION]: The skill includes adversarial testing fixtures, such as in tests/fixtures/adversarial.md. These files are designed as safety benchmarks to train the agent to recognize and refuse user pressure to bypass established quality gates or provide false approvals.
  • [EXTERNAL_DOWNLOADS]: The skill references several external URLs for research grounding and evidence mapping. These links point to reputable domains, including established data science platforms (Anaconda, Microsoft, MLflow) and academic repositories (arXiv), which are used neutrally as design references.
  • [SAFE]: The skill implements a 'decision contract' that requires explicit evidence and risk classification. It includes built-in checks to prevent the agent from rubber-stamping results or inventing data, prioritizing human-in-the-loop oversight.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 09:30 AM
Security Audit — agent-trust-hub — domain-expert-collaboration-loop