minecraft-bukkit-pro

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill instructions in sub-skills/documentation.md and sub-skills/ecosystem-integration.md direct the agent to proactively use WebSearch and WebFetch to find current best practices and existing solutions. This establishes a surface for indirect prompt injection, where an adversary could place malicious instructions on a web page or repository that the agent might ingest while researching.
  • Ingestion points: sub-skills/documentation.md, sub-skills/ecosystem-integration.md (via WebSearch/WebFetch tools).
  • Boundary markers: None specified to differentiate between instructions and searched content.
  • Capability inventory: Development and architecture tasks including code generation and file management.
  • Sanitization: No sanitization or filtering logic is provided for the external data being retrieved.
  • [NO_CODE]: The provided skill files consist solely of Markdown documentation and instructions. No executable scripts, binaries, or automated configuration files were detected.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 05:06 PM
Security Audit — agent-trust-hub — minecraft-bukkit-pro