skills/iamladi/cautious-computing-machine--sdlc-plugin/constitution-compliance-review/Gen Agent Trust Hub
constitution-compliance-review
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized operations were detected. The skill's behavior is consistent with its stated purpose of auditing and scoring markdown files.
- [PROMPT_INJECTION]: The skill ingests untrusted data from local files via the Read tool. While this presents an indirect prompt injection surface, the risk is negligible as the skill lacks high-impact capabilities such as network access, file writing, or command execution. It only produces an analysis report as output.
- Ingestion points: Files read using the Read tool as specified in SKILL.md via the user-provided file path argument.
- Boundary markers: None explicitly defined to isolate ingested content from agent instructions.
- Capability inventory: None. The skill does not use subprocesses, network tools, or file-writing tools.
- Sanitization: No sanitization or filtering of input content is performed before analysis.
Audit Metadata