yy-comment
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists entirely of natural language instructions in a Markdown file. It does not include any Python scripts, JavaScript files, or shell scripts, which significantly limits the risk of traditional malware or automated exploits.
- [PROMPT_INJECTION]: The skill's primary function is to ingest and analyze external code files, which introduces a surface for indirect prompt injection (Category 8).
- Ingestion points: In
SKILL.md, the instructions require the agent to "读取目标文件内容" (read target file content) in order to "分析其功能和参数" (analyze its function and parameters). - Boundary markers: None identified. The instructions do not specify any delimiters or warnings to the agent to ignore commands or instructions that might be present in the target code or its existing comments.
- Capability inventory: The skill is designed for documentation; however, agents typically using such skills may have capabilities to write files, commit code, or execute shell commands in the same session.
- Sanitization: No sanitization or validation steps are provided to handle untrusted input from the files being analyzed.
Audit Metadata