israeli-car-accident-claim
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill instructions are focused on guiding the user through legal and insurance procedures. No patterns of jailbreaking, system prompt extraction, or safety filter bypasses were detected.
- [DATA_EXFILTRATION]: No sensitive file paths (e.g., credentials, SSH keys, environment files) are accessed. Network operations are not present in the bundled script, and external URLs point to official Israeli government and legal resources.
- [REMOTE_CODE_EXECUTION]: The skill uses a local Python script (
scripts/claim_router.py) for logic. The script uses standard libraries (argparse,json,sys) and does not perform dynamic code execution, subprocess spawning, or remote script fetching. - [OBFUSCATION]: Content was analyzed for Base64, zero-width characters, homoglyphs, and hidden text patterns. No obfuscation was found.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided accident descriptions to route claims. While it ingests untrusted data, the tool interface is limited to predefined flags (e.g.,
--injuries,--my-fault), which minimizes the surface for command injection or agent manipulation.
Audit Metadata