tahr-trace-dangerous-inputs

Pass

Audited by Gen Agent Trust Hub on Jul 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is comprised entirely of Markdown-based documentation and instructions. It contains no executable scripts (Python, JavaScript, Shell) or binary files, which eliminates the risk of direct malicious code execution from the skill package itself.
  • [PROMPT_INJECTION]: As a security analysis tool, the skill is designed to ingest and process untrusted data such as application source code, specifications, and network traffic. This creates an inherent surface for indirect prompt injection. However, the instructions provide strong compensating controls by requiring the agent to operate within authorized scopes, establish baselines, and use inert markers for validation. The mandatory evidence chain for this surface area is: 1. Ingestion points: Repository roots, specifications, and traffic logs (SKILL.md); 2. Boundary markers: Not explicitly defined in instructions; 3. Capability inventory: Instructions to perform network-based runtime probes and data mutations (SKILL.md); 4. Sanitization: Not specified for the input data.
  • [COMMAND_EXECUTION]: While the skill instructs the agent on how to validate command injection and RCE vulnerabilities, it does not provide any malicious payloads or automated execution logic. It defines 'proof gates' that require low-impact command output or controlled callbacks, emphasizing safe and authorized validation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 15, 2026, 02:59 PM