sales-painonsocial

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill functions as a static knowledge base and guidance tool. It does not perform network operations, execute shell commands, or access sensitive user data.
  • [INDIRECT_PROMPT_INJECTION]: The skill uses a local file system feedback loop to store and retrieve 'learnings' about the platform. While this creates a theoretical surface for indirect prompt injection, the risk is negligible due to the lack of dangerous capabilities in the skill.
  • Ingestion points: references/learnings.md and references/platform-guide.md are loaded into the agent context.
  • Boundary markers: No explicit delimiters are used to separate reference content from instructions.
  • Capability inventory: The skill performs no subprocess execution, network requests, or sensitive file operations.
  • Sanitization: No validation or escaping is applied to user-derived content before it is appended to the learnings file.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 12:20 AM
Security Audit — agent-trust-hub — sales-painonsocial