mcaf-ml-ai-delivery
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely composed of markdown-based process documentation and guidance. No executable code, scripts, binary files, or automated network requests are included within the skill package.
- [SAFE]: The guidance explicitly includes security-conscious steps such as performing data redaction, gathering compliance requirements, and conducting responsible AI reviews to mitigate harms.
- [PROMPT_INJECTION]: The skill possesses a theoretical surface for indirect prompt injection because it instructs the agent to ingest and process untrusted data from the user's repository (e.g., project-specific ML documentation and AGENTS.md files).
  - Ingestion points: Repository-level documentation and context files are read during the 'Workflow' and 'Quick Start' phases.
  - Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the ingested data.
  - Capability inventory: The skill itself has no capabilities for code execution (eval/exec), subprocess spawning, or network exfiltration across any of its documents.
  - Sanitization: No sanitization or validation of the ingested repository content is performed by the skill's instructions.
Audit Metadata