openGDPR
Pass
Audited by Gen Agent Trust Hub on Jun 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates as a specialized privacy auditing tool. Its core logic is implemented in a local Python script (
scripts/scan_codebase.py) that performs regex-based scanning of local files. The script does not use external dependencies or perform network operations.\n- [SAFE]: Data processing is limited to identifying PII (emails, financial data, etc.) within the target codebase for report generation. No patterns suggesting unauthorized exfiltration or credential harvesting from the host environment were found.\n- [SAFE]: All referenced tools and CLI commands appear to be illustrative or aliases for the included Python script. No suspicious command execution or privilege escalation attempts were detected.\n- [PROMPT_INJECTION]: The skill implements a compliance auditor persona that reads untrusted snippets from the user's codebase. This creates a surface for indirect prompt injection where malicious instructions hidden in code comments or data files could influence the agent's audit report. However, this risk is inherent to the tool's primary function and is mitigated by the specific scope of the auditing instructions.\n - Ingestion points:
scripts/scan_codebase.pyreads content from provided directory paths.\n - Boundary markers: The extracted snippets (limited to 100 characters) are included in the audit findings without explicit sanitization or instruction-isolation delimiters.\n
- Capability inventory: The AI agent interprets scanner findings to generate a structured compliance report.\n
- Sanitization: Truncation of snippets provides a basic limit on payload length, but no structural escaping is performed on the extracted content.
Audit Metadata