evaluate-skill
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests external data and provides it to sub-agents for execution as part of its testing logic.
- Ingestion points: Reads content from files specified by the
skill-pathandtest-cases-patharguments. - Boundary markers: The instructions do not define clear delimiters or "ignore embedded instructions" warnings when interpolating the skill content into the sub-agent's prompt.
- Capability inventory: The skill has the capability to spawn sub-agents (test-subjects) and supply them with instructions derived from external files.
- Sanitization: There is no evidence of content validation or sanitization for the data read from the filesystem before it is used to drive agent behavior.
Audit Metadata