prompt-injection-defense

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill documentation and test scripts contain references to common prompt injection phrases like "ignore previous instructions". These are explicitly used as illustrative examples and test data for the detection scripts rather than actual attempts to manipulate the agent.
  • [COMMAND_EXECUTION]: The skill relies on local Python scripts for scanning and sanitizing content. These scripts use standard libraries (argparse, json, unicodedata) and perform deterministic byte-level processing without executing untrusted external code or making dangerous system calls.
  • [DATA_EXFILTRATION]: While the skill includes documentation on handling data from external sources via tools like WebFetch, no patterns were found that indicate sensitive data being transmitted to unauthorized external domains.
  • [SAFE]: The presence of Unicode steganography patterns (tag-block smuggling, bidi overrides) in the test fixtures is a necessary component of the skill's self-test suite and does not pose a risk in its intended context.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 11:54 AM
Security Audit — agent-trust-hub — prompt-injection-defense