production-ml-handoff

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The validation script scripts/quick_validate_skill.py uses subprocess.run to execute internal contract tests. This functionality is restricted to local skill verification.
  • [PROMPT_INJECTION]: An adversarial test fixture is included in tests/fixtures/adversarial.md. This is a defensive test case used to ensure the agent correctly prioritizes safety guidelines over user pressure to ignore red flags.
  • [EXTERNAL_DOWNLOADS]: The README and references link to well-known research platforms and technology organizations (such as Microsoft, Anaconda, and arXiv) for evidence mapping and design standards.
  • [SAFE]: No malicious patterns or unsafe data handling practices were detected. The skill includes automated checks in tests/test_skill_contract.py to prevent the accidental inclusion of credentials in project files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 09:30 AM
Security Audit — agent-trust-hub — production-ml-handoff