riff
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No executable code or scripts.
- The skill is strictly limited to conversational brainstorming and does not contain any scripts, binaries, or automated tasks.
- The
Boundariessection explicitly prohibits the agent from writing code. - [SAFE]: No network or file system access.
- The analysis found no network commands (e.g., curl, wget) or file system manipulation tools.
- The skill does not request or use any sensitive API keys or credentials.
- [SAFE]: Secure input handling.
- The
RECEIVEworkflow phase mandates that the agent summarizes and confirms the user's idea before proceeding, which helps mitigate accidental obedience to malicious instructions embedded in user data. - [SAFE]: No external dependencies or obfuscation.
- All logic is defined in plain-text markdown files without the use of third-party packages (npm/pip) or obfuscated content (Base64/Hex).
Audit Metadata