evaluate-content

Pass

Audited by Gen Agent Trust Hub on Jul 4, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes several internal TypeScript scripts using the bun runtime (e.g., manifest-sync.ts, append-loop-result.ts, query-performance.ts). These scripts are part of the skill's package and include appropriate security checks, such as path validation and symlink protection, to prevent unauthorized filesystem access.
  • [EXTERNAL_DOWNLOADS]: The skill connects to api.forsvn.com to fetch updated platform intelligence packs and telemetry. This behavior is documented within the skill's reference files and is a standard feature for synchronizing the toolkit with the vendor's latest research data.
  • [DATA_EXFILTRATION]: Social media performance metrics and usage telemetry are sent to the vendor's API (api.forsvn.com). This data transfer is restricted to information intended for the evaluation process and usage metering, and it does not involve sensitive system credentials or personal user data.
  • [PROMPT_INJECTION]: The skill ingests external content, such as social media comments, for sentiment analysis. While this presents a theoretical attack surface common to all Natural Language Processing tools, the agents are instructed to follow strict rubrics and evidence-based reasoning, mitigating the risk of obedience to instructions embedded in analyzed data.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 4, 2026, 10:16 PM
Security Audit — agent-trust-hub — evaluate-content