privacy-preserving-ds
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/quick_validate_skill.pyusessubprocess.runto calltests/test_skill_contract.py. This is a controlled execution of local scripts for the purpose of validating the skill folder's integrity and adherence to the required structure. - [SAFE]: The use of the
compile()function intests/test_skill_contract.pyis limited to performing syntax checks on Python files within the repository. The compiled code is never executed, making it a safe method for verifying code validity during testing. - [PROMPT_INJECTION]: Adversarial prompt examples are included in
references/acceptance-tests.mdandtests/fixtures/adversarial.md. These are part of a benchmarking suite used to ensure the agent correctly identifies and refuses attempts to bypass safety filters or ignore privacy red flags. - [SAFE]: The skill contains scripts for profiling data and scoring checklists locally. These tools utilize standard Python libraries to process user-provided files within the workspace, and no evidence of data exfiltration or remote connections was found.
Audit Metadata