model-risk-compliance-memo

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/quick_validate_skill.py utilizes subprocess.run() to execute the local test suite tests/test_skill_contract.py. This is a benign implementation used solely for internal validation of the skill's components and does not involve untrusted input.
  • [PROMPT_INJECTION]: The skill incorporates dedicated testing fixtures (tests/fixtures/adversarial.md) and instructions to handle 'overclaim pressure' from users. It is designed to refuse requests to ignore safety warnings or provide false confidence, demonstrating a strong security posture against direct prompt injection.
  • [SAFE]: The tests/test_skill_contract.py script uses the Python compile() function to perform syntax validation on the skill's own scripts. This operation is limited to generating a code object and does not execute the code, serving as a safe linting mechanism.
  • [SAFE]: The skill identifies ingestion surfaces for untrusted data (e.g., notebooks, SQL, schemas) as part of its primary function. It mitigates indirect prompt injection risks by requiring a structured output contract and prioritizing evidence-based findings over generic advice.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 09:30 AM
Security Audit — agent-trust-hub — model-risk-compliance-memo