task-compliance
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from task files and source code without implementing safeguards or instruction isolation.
- Ingestion points: Data is extracted from task files and the repository as specified in the 'Extract Checklist' and 'Check Compliance' sections of SKILL.md.
- Boundary markers: None. The skill does not instruct the agent to use delimiters or to ignore potential commands embedded within the requirements or code it reviews.
- Capability inventory: The skill requires file-reading capabilities to perform its primary function of code and requirement extraction.
- Sanitization: There is no mention of sanitization, validation, or filtering of the content being reviewed before it is processed by the agent.