skill-comply
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, hidden code, or unauthorized network operations were identified. The skill is designed as a local assessment utility.
- [COMMAND_EXECUTION]: The skill defines a process for running local agent commands or tests to verify behavioral compliance with instructions. This is limited to explicitly available tools and local execution as part of the evaluation lifecycle.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as its core function is to ingest and analyze external instruction artifacts (SKILL.md and rule files). 1. Ingestion points: Reads target SKILL.md and rule files (SKILL.md). 2. Boundary markers: No delimiters or explicit warnings for instruction separation are mentioned. 3. Capability inventory: Mentions executing local commands and tests. 4. Sanitization: No input validation or sanitization is described for the processed files.
Audit Metadata