Skills
skills/copyleftdev/sk1llz/google-continuous-fuzzing/Gen Agent Trust Hub

google-continuous-fuzzing

Fail

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: HIGHPROMPT_INJECTIONSAFE
Full Analysis
  • [PROMPT_INJECTION]: Hidden content is embedded in the headers of SKILL.md and references/fuzz_techniques.md using zero-width characters (U+200B, U+200C, U+200D, U+2060). This obfuscation technique hides a non-visible encoded sequence ("SKi1L...") from the human-readable text. Such methods are frequently used in indirect prompt injection attacks to deliver hidden instructions to an AI agent without user awareness.
  • [SAFE]: The skill correctly points to official and trusted documentation from Google (google.github.io/oss-fuzz and google.github.io/clusterfuzz). The provided code snippets follow established security testing practices, such as the use of sanitizers (ASan, MSan, UBSan) and the Atheris fuzzing engine.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 15, 2026, 07:01 PM
Security Audit — agent-trust-hub — google-continuous-fuzzing