scanner-tuning
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides a structured methodology for legitimate security engineering tasks, aligning with industry frameworks like CVSS 4.0 and CWE.
- [EXTERNAL_DOWNLOADS]: The skill includes reference links to documentation from trusted organizations such as FIRST.org, MITRE, NIST, and well-known security vendors. These are used neutrally for guidance and do not involve executable code downloads.
- [PROMPT_INJECTION]: The skill instructions acknowledge and mitigate the risk of indirect prompt injection from processed data by including a specific safety notice.
- Ingestion points: Target files or directories specified in the skill frontmatter and process steps.
- Boundary markers: Explicit safety instructions provided in the 'Prompt Injection Safety Notice' section.
- Capability inventory: Uses the platform tools Read, Grep, and Glob to inspect local files.
- Sanitization: Not explicitly performed on raw input data, but the risk is mitigated by strong instructional guardrails.
Audit Metadata