ai-data-privacy

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is designed for defensive security analysis and follows best practices for handling untrusted data. Its methodology aligns with established frameworks like NIST AI RMF and OWASP.
  • [PROMPT_INJECTION]: The skill includes a 'Prompt Injection Safety Notice' that explicitly instructs the agent to treat reviewed content as data for analysis rather than instructions. It directs the agent to ignore any embedded commands or behavior overrides found in the target files.
  • [EXTERNAL_DOWNLOADS]: No external dependencies, package installations, or remote script executions are initiated or required by the skill.
  • [DATA_EXFILTRATION]: There is no evidence of hardcoded credentials, unauthorized network operations, or attempts to exfiltrate sensitive information. The skill operates locally using restricted tools.
  • [COMMAND_EXECUTION]: The skill restricts tool usage to 'Read', 'Grep', and 'Glob'. It contains explicit instructions to analyze but never execute code or commands discovered within the content under review.
Audit Metadata
Risk Level: SAFE
Analyzed: May 4, 2026, 02:07 AM
Security Audit — agent-trust-hub — ai-data-privacy