ambler-core

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by instructing the agent to generate and write TypeScript source code based on unvalidated user input.
    • Ingestion points: User-provided core requirements, specifically the 'Behavior', 'State shape', and 'Core name' gathered in Step 1, enter the agent's context and are used to build the code.
    • Boundary markers: The skill does not define any boundary markers or instructions to isolate user-provided content from the code template structure.
    • Capability inventory: The agent has the capability to write files to the local 'cores/' directory to persist the generated code.
    • Sanitization: There is no requirement or mechanism provided for the agent to sanitize, escape, or validate the user-provided logic before it is written to the filesystem.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 04:35 PM