color-expert
Fail
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: CRITICALNO_CODE
Full Analysis
- [SAFE]: The skill is entirely composed of static markdown files intended for use as a knowledge base. No executable code, build steps, or runtime dependencies were identified during analysis.
- [EXTERNAL_DOWNLOADS]: Analysis identified numerous URLs to third-party tools, academic papers, and YouTube videos. These are used strictly for reference and citation. The URL
colorwell.org, flagged by automated scanners, is a legitimate educational resource for oil painters cited in a bibliography. - [NO_CODE]: The skill lacks a
settings.jsonor equivalent configuration granting execution permissions. The author explicitly removed local development configuration and absolute paths in previous commits, as documented inSECURITY.md. - [PROMPT_INJECTION]: While the skill contains evaluation prompts and self-referential safety claims in
SECURITY.md, these are formatted as declarative documentation and do not pose a behavioral override risk to the agent.
Recommendations
- CRITICAL: 2 infected file(s) detected - DO NOT USE
- Contains 4 malicious URL(s) - DO NOT USE
Audit Metadata