retention-schedule
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides a comprehensive governance framework for data retention without introducing security vulnerabilities.
- [PROMPT_INJECTION]: No instructions attempting to override agent behavior, bypass safety guidelines, or extract system prompts were detected in SKILL.md or the associated templates.
- [REMOTE_CODE_EXECUTION]: The Python script 'scripts/process.py' contains only benign logic for date calculations and data structure management. It does not use unsafe functions such as eval() or exec(), nor does it perform any dynamic code loading.
- [DATA_EXFILTRATION]: The skill does not perform any network operations. There are no calls to curl, wget, or any HTTP libraries. It does not attempt to access sensitive system files like credentials or SSH keys.
- [CREDENTIALS_UNSAFE]: No hardcoded secrets, API keys, or tokens were found. The skill correctly refers to legal statutes and internal policy identifiers (CAT-XXX) rather than sensitive data.
- [COMMAND_EXECUTION]: The skill does not invoke any shell commands or subprocesses. The Python script's file operations are limited to a standard JSON export function.
Audit Metadata