dojo-nassim-taleb
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No evidence of behavioral overrides, safety filter bypasses, or instructions to ignore system guidelines. The skill actually provides strong constraints for the agent to rely solely on the provided local topic files.
- [DATA_EXFILTRATION]: No sensitive file paths, credential markers, or network operations (curl, wget, etc.) were found. The skill operates entirely on its own distributed documentation.
- [REMOTE_CODE_EXECUTION]: No patterns of downloading or executing external scripts were detected. There are no package installation commands or runtime code generation (eval/exec) patterns.
- [COMMAND_EXECUTION]: The skill does not use shell commands or subprocess spawning. There is no use of the dynamic context injection syntax (
!command). - [OBFUSCATION]: All content is in plain-text markdown. No Base64 encoding, zero-width characters, or homoglyph attacks were identified during the analysis.
- [INDIRECT_PROMPT_INJECTION]: While the skill ingests user input to select routing modes, it lacks exploitable capabilities like network writing or file modification. The instruction to use only substance from loaded topic files acts as an effective boundary against untrusted input influencing the system.
Audit Metadata