israeli-relocation-abroad

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: No patterns of prompt injection, role-play instructions, or attempts to bypass safety filters were detected. The instructions are purely functional and oriented towards providing relocation guidance.
  • [DATA_EXFILTRATION]: The skill does not access sensitive local file paths (such as SSH keys or AWS credentials) and contains no code for exfiltrating data to external servers.
  • [REMOTE_CODE_EXECUTION]: There are no patterns of remote code execution. The skill does not perform external downloads of scripts or packages, and the provided Python scripts in the scripts/ directory perform local logical operations without network access.
  • [OBFUSCATION]: No obfuscated content, encoded strings (e.g., Base64), or hidden characters were found in the instructions, metadata, or source code.
  • [COMMAND_EXECUTION]: The skill instructs the agent to run specific local Python scripts with arguments based on user input. These scripts (relocation-checklist.py and residency-check.py) use standard argument parsing and do not use dangerous functions like eval() or exec().
  • [CREDENTIALS_UNSAFE]: No hardcoded credentials, API keys, or secrets were found. The skill correctly instructs users to manage their own logins for government portals.
  • [INDIRECT_PROMPT_INJECTION]: While the skill processes user-supplied parameters for relocation scenarios, these are passed as command-line arguments to internal scripts that do not interpolate them into prompts or execute them as code. The capability surface is limited to informational guidance.
  • [PRIVILEGE_ESCALATION]: No commands requiring elevated privileges (like sudo) or modifications to system configurations were detected.
  • [PERSISTENCE_MECHANISMS]: No attempts to establish persistence on the host system (e.g., cron jobs, startup items) were found.
  • [DYNAMIC_EXECUTION]: The provided scripts perform static logic based on user input. There is no runtime generation or execution of code from untrusted sources.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 08:36 PM
Security Audit — agent-trust-hub — israeli-relocation-abroad