skills/simota/agent-skills/crest/Gen Agent Trust Hub

crest

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: No evidence of malicious prompt injection was found. The instructions focus on defining a specific professional persona and maintaining branding consistency. They include guidance to 'Ask First' before disclosing sensitive or internal information, which is a positive safety feature.
  • [DATA_EXFILTRATION]: No network operations, sensitive file path access, or credential harvesting patterns were detected. The skill explicitly states 'Writes Code: Never' and focuses on generating Japanese text for profiles and strategies.
  • [REMOTE_CODE_EXECUTION]: No remote code execution patterns, package installations, or external script downloads are present. The skill relies on static markdown references for branding advice.
  • [OBFUSCATION]: No obfuscated strings, multi-layer encoding, or hidden characters were found. Content is in plain, readable Markdown and YAML.
  • [PRIVILEGE_ESCALATION]: The skill does not contain any commands associated with privilege escalation (e.g., sudo, chmod) or system configuration changes.
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to process external data like PR statistics and technical achievements from other agents (e.g., Harvest). While this is an ingestion surface, the skill lacks the capabilities (like code execution or network access) to be exploited by malicious data. It focuses on text transformation for branding purposes.
  • [DYNAMIC_EXECUTION]: There are no signs of dynamic code generation or execution. The 'Output Templates' provided in the reference files are examples of structured text outputs for the agent to follow.
  • [METADATA_POISONING]: The skill metadata (name, description, capabilities) is consistent with the provided instructions and reference content.
  • [PERSISTENCE_MECHANISMS]: No attempts to create cron jobs, modify shell profiles, or establish any form of persistence were detected.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 15, 2026, 01:01 AM