skills/hungv47/meta-skills/write-ad/Gen Agent Trust Hub

write-ad

Pass

Audited by Gen Agent Trust Hub on Jul 4, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE_AND_EXFILTRATION]: No evidence of hardcoded credentials or unauthorized data access was found. The skill processes user-supplied research data and performance metrics stored in a local .forsvn directory. Scripts such as append-loop-result.ts and scaffold-eval-loop.ts include explicit checks (realpathSync, sep, and symlink guards) to ensure operations remain within the project root and do not escape to sensitive system areas.
  • [INDIRECT_PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it ingests untrusted data from external sources (e.g., lp_description and available_proof). However, it employs multiple defensive layers, including a Format Checker hard-gate and a 7-dimension Critic rubric, which sanitize and validate content before final delivery. The risk is assessed as low and inherent to the skill's primary function.
  • [COMMAND_EXECUTION]: The skill uses a Bash tool to execute local TypeScript scripts via the Bun runtime. These scripts (manifest-sync.ts, scaffold-eval-loop.ts, etc.) are part of the skill's infrastructure and perform administrative tasks like directory scaffolding and metadata synchronization. No arbitrary command execution or shell injection patterns were detected.
  • [REMOTE_CODE_EXECUTION]: All code is local and verifiable. No remote scripts are downloaded or executed at runtime. Dependencies are limited to Node.js/Bun built-in modules.
  • [OBFUSCATION]: No obfuscated commands, Base64-encoded payloads, zero-width characters, or homoglyph-based evasions were identified in the skill instructions or scripts.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 4, 2026, 10:16 PM
Security Audit — agent-trust-hub — write-ad