byted-skill-demo
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by ingesting content from an external knowledge base. Maliciously crafted data within the knowledge base could potentially influence or override the agent's behavior.
- Ingestion points: Results returned from the knowledge base search executed via scripts/search.py.
- Boundary markers: The instructions do not define delimiters or specific "ignore embedded instructions" warnings for the agent when processing the search results.
- Capability inventory: The skill executes a local Python script (scripts/search.py) to perform its primary function.
- Sanitization: There is no evidence of sanitization or validation performed on the retrieved knowledge base content before it is processed by the agent.
Audit Metadata