gstcranes-marketplace

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill demonstrates safe practices by explicitly directing the agent never to request sensitive credentials, session tokens, or private account secrets from the user. It correctly routes authenticated actions to browser-based handoff rather than handling secrets directly.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external information from public crane listings and company records. This represents a data ingestion surface (SKILL.md); however, the skill lacks risky capabilities (such as command execution, file writing, or network exfiltration of sensitive data) that could be exploited via malicious content in the marketplace data.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 08:08 AM
Security Audit — agent-trust-hub — gstcranes-marketplace