rule-quality-evaluator
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill performs static and behavioral analysis of local instruction files. It reads project configuration files such as package.json and pyproject.toml to identify redundant rules, which is standard behavior for development tools.
- [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection by ingesting untrusted rule sets without explicit boundary markers or sanitization. This risk is associated with the skill's primary purpose of evaluating instructions.
  1. Ingestion points: instruction files (Step 1).
  2. Boundary markers: absent.
  3. Capability inventory: prompt generation and skill invocation (Step 6/7).
  4. Sanitization: absent.