skills/ascend-ai-coding/awesome-ascend-skills/external-gitcode-ascend-ascendc-operator-doc-writer/Gen Agent Trust Hub
external-gitcode-ascend-ascendc-operator-doc-writer
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted data from local source files and external documentation templates without strict safety boundaries. * Ingestion points: The skill reads local C++ source files and reference README documents to extract technical details (
SKILL.md, Workflow Step 1). * Boundary markers: No instructions are provided to the agent to use delimiters or to ignore potential commands embedded within the source code comments or the template files. * Capability inventory: The agent has the capability to read local files and communicate with external APIs if requested by the user. * Sanitization: No validation or sanitization of the content read from files is performed. - [DATA_EXFILTRATION]: The skill includes a workflow for potential data exposure by instructing the agent to extract source code snippets and send them to external APIs (
SKILL.md, Decision Rules). This creates a path for potentially sensitive intellectual property to be sent to untrusted remote endpoints.
Audit Metadata