open-source-project-validator

Pass

Audited by Gen Agent Trust Hub on Jul 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No direct security threats were detected. The skill instructions are focused on providing analytical evaluations of project ideas based on user-provided data and web research.
  • [INDIRECT_PROMPT_INJECTION]: The skill features a functional surface for indirect prompt injection as it is designed to ingest and process untrusted data from both user inputs and external web sources. 1. Ingestion points: User project descriptions in the main prompt and external content such as GitHub repositories, issues, and documentation fetched via web research (SKILL.md). 2. Boundary markers: Absent. The instructions do not define specific delimiters or instructions to treat external content as untrusted data. 3. Capability inventory: The skill relies on web research and browsing tools to inspect projects. It does not utilize high-risk capabilities such as shell execution or file writing. 4. Sanitization: No sanitization or validation of external content is performed before the agent processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 13, 2026, 09:37 PM