pia-vendor-processing
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions and associated markdown files provide legitimate educational and procedural content regarding GDPR compliance and vendor due diligence. No prompt injection or behavior override patterns were detected.
- [COMMAND_EXECUTION]: The provided Python script (
scripts/process.py) performs logical data processing and report generation using standard libraries. It does not utilizesubprocess,os.system, or any other functions capable of executing shell commands. - [DATA_EXFILTRATION]: No network operations (
requests,urllib,curl) or access to sensitive local environment files (e.g.,.ssh,.aws,.env) were found. The skill operates entirely on data provided within the script or input context. - [REMOTE_CODE_EXECUTION]: The skill does not download external scripts or packages. There are no
requirements.txtorpackage.jsonfiles, and no dynamic code execution viaeval()orexec()is present. - [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or other credentials were found in any of the analyzed files.
Audit Metadata