ubiquitous-language
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes untrusted data from the conversation history to generate persistent files.
- Ingestion points: The skill is instructed to scan the active conversation history for domain-relevant terms, nouns, and concepts (SKILL.md).
- Boundary markers: Absent. There are no instructions provided to the agent to help it distinguish between its core logic and potentially malicious instructions embedded within the conversation data being processed.
- Capability inventory: The skill utilizes file-writing and reading capabilities to create, update, and maintain the
UBIQUITOUS_LANGUAGE.mdfile. - Sanitization: Absent. The instructions do not specify any validation, filtering, or escaping for the terms and definitions extracted from the conversation before they are written to the local filesystem.
- [COMMAND_EXECUTION]: The skill instructs the agent to interact with the host filesystem by reading and writing to
UBIQUITOUS_LANGUAGE.mdin the working directory. While this behavior is documented as the skill's primary function, it represents a persistent modification of the local environment based on processed conversation data.
Audit Metadata