cpra-sensitive-pi

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were identified. The skill consists of educational content and a local processing script with no external dependencies or dangerous capabilities.
  • [SAFE]: Indirect prompt injection surface exists but is not exploitable within this skill. Data enters at scripts/process.py through function arguments without boundary markers or sanitization. However, the script contains no dangerous capabilities like subprocess calls, file writes, or network operations. Ingestion points: scripts/process.py (element_name and element_description parameters). Boundary markers: Absent. Capability inventory: None (script uses print statements only). Sanitization: Absent (only lowercases input for matching).
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 03:33 PM
Security Audit — agent-trust-hub — cpra-sensitive-pi