munger-perspective

Pass

Audited by Gen Agent Trust Hub on May 30, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill establishes a specific persona using detailed instructions and behavioral constraints. It utilizes control keywords such as 'STOP' and 'EXIT TRIGGER' to manage the state of the persona (e.g., ensuring a disclaimer is shown only once and allowing the user to end the simulation). These are legitimate functional instructions and do not attempt to override global safety filters.
  • [EXTERNAL_DOWNLOADS]: Documentation in the README recommends installation via a community-standard skill manager (npx skills), pointing to the author's own GitHub repositories (alchaincyf/munger-skill and alchaincyf/nuwa-skill). These are recognized vendor resources and do not represent a security risk.
  • [PROMPT_INJECTION]: The skill incorporates a research workflow that ingests data from external sources via tool output.
  • Ingestion points: Web search results gathered during the 'Step 2: 芒格式研究' (Munger-style Research) process defined in SKILL.md.
  • Boundary markers: The instructions implement a logical buffer by requiring the agent to summarize facts internally before generating a response, though it lacks strict delimiters for the raw search output.
  • Capability inventory: The skill utilizes WebSearch capabilities to gather information on companies, executives, and events.
  • Sanitization: There are no explicit sanitization or filtering instructions for the search results, representing a standard but low-risk surface for indirect prompt injection.
Audit Metadata
Risk Level
SAFE
Analyzed
May 30, 2026, 05:44 AM
Security Audit — agent-trust-hub — munger-perspective