system-interface-contracts

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill's instructions, metadata, or evaluation logic.
  • [EXTERNAL_DOWNLOADS]: The skill references several industry-standard technical specifications and documentation sites including OpenAPI, AsyncAPI, CloudEvents, and IETF RFCs. All referenced domains are well-known technology standards organizations or official vendor documentation.
  • [PROMPT_INJECTION]: Evaluated for indirect prompt injection risks. 1. Ingestion points: Contract definition files and tool results processed by the agent. 2. Boundary markers: The skill includes an 'Agent and Tool Contracts' section providing explicit warnings that tool results are data, not instructions. 3. Capability inventory: Access is limited to Read and Grep tools. 4. Sanitization: Instructions mandate strict validation of structured payloads and rejection of malformed inputs at trust boundaries.
  • [DATA_EXFILTRATION]: No evidence of unauthorized data access or network exfiltration. The skill defines its scope around reasoning and contract design using restricted agent tools.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 04:36 AM
Security Audit — agent-trust-hub — system-interface-contracts