context-injection

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE, NO_CODE
Full Analysis
  • [SAFE]: The skill is purely documentation-based, providing architectural patterns and code snippets for prompt engineering. No executable code or malicious logic is provided.
  • [PROMPT_INJECTION]: The skill addresses the handling of external data (RAG context), which is an inherent surface for indirect prompt injection. It proactively recommends mitigations such as XML boundary markers and citation validation to reduce risk.
  • Ingestion points: SKILL.md (describes patterns for injecting external document chunks into user prompts).
  • Boundary markers: Recommends using and XML tags to clearly separate external data from system instructions.
  • Capability inventory: None; the skill contains no executable scripts, tools, or shell access.
  • Sanitization: Encourages relevance filtering via similarity thresholds and server-side citation validation to detect and handle hallucinations or malformed context.
  • [NO_CODE]: The skill does not include any executable scripts, binaries, or automated installation steps; it consists solely of markdown instructions for educational purposes.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 22, 2026, 05:37 PM
Security Audit — agent-trust-hub — context-injection