pii-detector

Pass

Audited by Gen Agent Trust Hub on May 28, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill acts as a set of security guardrails and instructional patterns for an AI agent. It does not contain executable code, binaries, or hidden scripts. All logic is provided through transparent Markdown files.
  • [DATA_EXFILTRATION]: No data exfiltration patterns were detected. While the skill directs the agent to identify sensitive files (e.g., .env files or database migrations), it does so to facilitate local security audits and remediation advice, with no instructions to transmit data to external servers.
  • [PROMPT_INJECTION]: The skill instructions are focused on enhancing compliance and security. There are no attempts to override safety filters, manipulate agent behavior, or reveal internal system prompts.
  • [EXTERNAL_DOWNLOADS]: All external links are legitimate and point to either the official vendor website (sprinto.com) or well-known technical documentation for services like Stripe, Google, and Segment. No unauthorized remote code is downloaded or executed.
  • [COMMAND_EXECUTION]: The skill's auditing process uses standard file search and reading operations (grep/ls) to analyze a repository. No dangerous shell commands, privilege escalation attempts, or unauthorized persistence mechanisms were found.
Audit Metadata
Risk Level: SAFE
Analyzed: May 28, 2026, 03:41 PM