vedic-love

Pass

Audited by Gen Agent Trust Hub on May 22, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill uses emphatic instructions like 'Priority Highest' (优先级最高) to enforce strict stylistic and operational constraints. These instructions are designed to override the default conversational patterns of the AI model to ensure it adheres to a specific persona and follows a mandatory procedure of writing directly to files instead of chatting.
  • [INDIRECT_PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing external data as its primary input.
    • Ingestion points: Reads and processes content from 'structured_data.md' and 'core' audit reports (SKILL.md).
    • Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat content within the ingested files as untrusted data or to ignore any embedded instructions.
    • Capability inventory: The skill instructs the agent to use file-writing capabilities to create and modify multiple Markdown files (love_step1.md, love_step2.md, love_step3.md, and QA files).
    • Sanitization: There is no mention of sanitization, validation, or escaping logic applied to the data read from the external files before it is processed or written back to the file system.
Audit Metadata
  Risk Level: SAFE
  Analyzed: May 22, 2026, 07:58 AM