Loop
Pass
Audited by Gen Agent Trust Hub on Jun 30, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill iterates over external file content, which introduces a surface for indirect prompt injection where malicious instructions in a target file could attempt to influence the agent's logic.
- Ingestion points: External files and directory paths provided via the
--targetargument inSKILL.md. - Boundary markers: The skill does not define explicit delimiters or security warnings to separate target content from system instructions.
- Capability inventory: The skill triggers the agent's internal Algorithm, which includes file system reading and writing capabilities across all phases.
- Sanitization: No evidence of input validation or content sanitization is present in the skill's instructions.
Audit Metadata