crisis-communications
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is composed of documentation, markdown templates, and Python data structures (using standard libraries like
dataclassesandenum) intended for crisis management. No security threats were identified. - [INDIRECT_PROMPT_INJECTION]: The skill provides a framework for processing external, untrusted data such as social media content or news claims, which represents an attack surface for indirect prompt injection.
- Ingestion points: Untrusted data enters the context via the
Claim.text(SKILL.md) andCrisisMention.content(SKILL.md) structures. - Boundary markers: None are defined for the ingested text.
- Capability inventory: The skill does not contain any dangerous capabilities; it lacks network access, file system operations, or subprocess/execution commands. Actions are limited to internal logging and status updates.
- Sanitization: No explicit sanitization of external content is performed.
- Assessment: The severity is SAFE because there are no exploitable capabilities present in the skill that could be triggered by malicious data.
Audit Metadata