prompt-injection
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill contains phrases such as "Ignore previous instructions" and "What is your system prompt?". These are explicitly presented within the context of 'Step 5: Check for Prompt Leaking' as examples of common extraction attempts for auditors to test. They are not instructions directed at the agent itself.
- [COMMAND_EXECUTION]: The YAML frontmatter includes 'Bash' and 'Write' in the 'allowed-tools' list. These permissions are scoped to the skill's purpose of auditing codebases (e.g., using 'Grep' to find API calls) and documenting findings in report format.
Audit Metadata