script-generator
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is composed entirely of instructional markdown text and documentation. No executable scripts, binary files, or shell commands were detected across any of the provided files.
- [DATA_EXPOSURE]: The instructions direct the agent to read local project files such as brand.md and product.md. This is standard behavior for a content generation skill and does not involve unauthorized access or exfiltration of sensitive system data.
- [INDIRECT_PROMPT_INJECTION]: The skill defines a surface for processing untrusted data (user input and external markdown files) into structured script outputs. However, the skill does not possess any dangerous capabilities—such as file writing, network access, or command execution—that could be leveraged by a malicious payload embedded in that data. The risk is limited to the quality of the generated text itself.
Audit Metadata