tgravity-work-mcn-index

Pass

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is designed for local asset management and performs all operations within the user's local directory structure. No external network requests or data exfiltration attempts were found.
  • [COMMAND_EXECUTION]: The skill executes a local Python script (scripts/mcn_index.py) included in the package. The script performs legitimate file processing tasks, such as parsing YAML frontmatter and generating CSV reports. It does not use unsafe functions like eval() or exec(), and command arguments are handled using the standard argparse library.
  • [PROMPT_INJECTION]: The instructions do not contain any patterns intended to bypass AI safety guidelines or override system prompts. While the skill processes user-generated Markdown files (a potential indirect injection surface), it handles the data as structured metadata rather than directly interpolating untrusted text into the agent's core instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 27, 2026, 08:01 AM
Security Audit — agent-trust-hub — tgravity-work-mcn-index