hr-talent-management

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill consists entirely of Markdown files (SKILL.md, examples/building-a-succession-pipeline-for-a-scaling-organization.md, content/understanding-talent-management-for-strategic-hr-leadership.md) providing domain knowledge and prompt templates. No executable scripts, binaries, or automated tools are present.
  • [SAFE]: No prompt injection patterns, obfuscation techniques, or hidden content (such as Base64 or zero-width characters) were detected.
  • [SAFE]: The skill does not attempt to perform network operations, access sensitive system files, or establish persistence.
  • [DATA_EXFILTRATION]: The skill provides instructions for users to manually input sensitive HR data (performance ratings, engagement scores, and employee IDs) into an LLM for analysis. This is a functional data processing surface described in the documentation and does not involve automated exfiltration by the skill itself.
  • [PROMPT_INJECTION]: The skill defines an 'AI-assisted analysis workflow' where the agent processes external data (CSV/spreadsheets). This creates a theoretical attack surface for indirect prompt injection if the user-provided data contains malicious instructions, but the skill contains no malicious code to facilitate such an attack.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 02:48 AM
Security Audit — agent-trust-hub — hr-talent-management