control-deficiency
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No evidence of role-play, safety bypass, or instructions to ignore system guidelines. The instructional language is focused on the intended purpose of financial audit assessment.
- [DATA_EXFILTRATION]: No network operations (curl, wget, fetch) or exfiltration patterns were detected. The skill reads from a local project configuration file (
../../CLAUDE.md), which is standard behavior for retrieving context in its intended environment. - [EXTERNAL_DOWNLOADS]: No external dependencies, remote scripts, or package installations are requested.
- [COMMAND_EXECUTION]: The skill does not contain any shell commands, subprocess calls, or executable code snippets. It operates entirely through natural language processing and report generation.
- [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or sensitive credentials were found. The instructions appropriately prompt for placeholders or project context.
- [REMOTE_CODE_EXECUTION]: No remote code execution patterns, dynamic execution (eval/exec), or runtime compilation were identified.
Audit Metadata