skill-security-framing
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill contains no executable code or scripts. It is a documentation-based utility intended to guide the behavior of other agents and skills when interacting with external URLs and content.
- [DATA_EXFILTRATION]: The skill defines strict URL validation rules that explicitly reject access to private IP ranges (RFC 1918), local loopback addresses (127.0.0.1), and cloud provider metadata endpoints (e.g., 169.254.169.254), effectively providing a defense-in-depth strategy against Server-Side Request Forgery (SSRF).
- [PROMPT_INJECTION]: The skill introduces a 'Security Frame Template' designed to wrap untrusted external content. This template uses clear delimiters (BEGIN/END markers) and explicit instructions for subagents to ignore embedded commands, which is a standard defense against indirect prompt injection (Category 8).
- [COMMAND_EXECUTION]: No shell commands or system-level operations are initiated by this skill; it focuses purely on defining safe patterns for content fetching and analysis.