containment
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No executable code, scripts, or shell commands are present in the skill. It serves as a static reference for human analysts to build containment plans.
- [SAFE]: The allowed-tools configuration is strictly limited to read-only file system operations (Read, Grep, Glob), preventing unauthorized system modifications or network exfiltration.
- [SAFE]: The skill incorporates a robust 'Prompt Injection Safety Notice' in Section 8, explicitly instructing the agent to treat attacker-sourced content as data only and to maintain strict role boundaries.
- [SAFE]: All external references point to authoritative and trusted organizations, including NIST, MITRE, CISA, and Microsoft. No suspicious or unverified external sources were detected.
Audit Metadata