gdpr-audit
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely composed of instructional markdown files and reference guides. It does not contain any executable scripts, binary files, or automated shell commands.
- [PROMPT_INJECTION]: The skill includes a 'Common rationalizations to resist' section that explicitly instructs the agent on how to handle deceptive or minimizing language in the audited materials. This serves as a robust defense against indirect prompt injection aimed at bypassing compliance checks.
- [EXTERNAL_DOWNLOADS]: The reference guides (Chapters 01-15) mention various well-known services and organizations, such as AWS, Google Analytics, Stripe, and Auth0. These are documented neutrally as technical indicators for the auditor to detect data processing activities and do not involve any remote code execution or unauthorized downloads.
- [DATA_EXFILTRATION]: Analysis of the audit workflow and reference guides shows no patterns related to accessing credentials, sensitive local files, or exfiltrating data to external domains.
- [REMOTE_CODE_EXECUTION]: The skill does not utilize any tools for package installation, runtime compilation, or remote script execution.
Audit Metadata