Skills
skills/codefilabs/pickanumber/hackathon-judge/Gen Agent Trust Hub

hackathon-judge

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use glob and grep utilities to traverse the submission codebase, locating all backing files for claimed features.
  • [EXTERNAL_DOWNLOADS]: The skill fetches content from external video hosting services (including YouTube, MP4 links, and Loom) to perform demo analysis during Pass 2.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from project source code and video transcripts.
  • Ingestion points: Project codebase (Pass 1) and external video/transcripts (Pass 2).
  • Boundary markers: Not explicitly defined; the skill lacks specific delimiters to separate processed data from instructions.
  • Capability inventory: Extensive local file reading, network access to video platforms, and file-writing capabilities to the ./_judge/ directory.
  • Sanitization: No explicit sanitization or instruction-filtering is described for the content extracted from the README or code files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 4, 2026, 02:01 PM
Security Audit — agent-trust-hub — hackathon-judge