gdpr-codes-of-conduct

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill includes a utility for processing external data.
  • Ingestion points: scripts/process.py reads and parses JSON files provided as command-line arguments.
  • Boundary markers: No explicit markers are used to separate untrusted data from instructions.
  • Capability inventory: Analysis of scripts/process.py shows it only performs dictionary lookups and prints results to stdout. It lacks dangerous capabilities such as file system writes, network requests, or subprocess execution.
  • Sanitization: No sanitization is performed on the input data, but the lack of executable capabilities makes this surface low-risk.
  • [COMMAND_EXECUTION]: The skill contains a Python script (scripts/process.py) designed for CLI use. It performs safe operations like JSON parsing and text formatting without invoking shell commands or external processes.
  • [DATA_EXFILTRATION]: No network operations or unauthorized file access patterns were detected. The script reads only the file path explicitly provided by the user.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 03:33 PM
Security Audit — agent-trust-hub — gdpr-codes-of-conduct