pia-vendor-processing

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill instructions and associated markdown files provide legitimate educational and procedural content regarding GDPR compliance and vendor due diligence. No prompt injection or behavior override patterns were detected.
  • [COMMAND_EXECUTION]: The provided Python script (scripts/process.py) performs logical data processing and report generation using standard libraries. It does not utilize subprocess, os.system, or any other functions capable of executing shell commands.
  • [DATA_EXFILTRATION]: No network operations (requests, urllib, curl) or access to sensitive local environment files (e.g., .ssh, .aws, .env) were found. The skill operates entirely on data provided within the script or input context.
  • [REMOTE_CODE_EXECUTION]: The skill does not download external scripts or packages. There are no requirements.txt or package.json files, and no dynamic code execution via eval() or exec() is present.
  • [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or other credentials were found in any of the analyzed files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 03:33 PM
Security Audit — agent-trust-hub — pia-vendor-processing