minecraft-bukkit-pro
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill instructions in
sub-skills/documentation.mdandsub-skills/ecosystem-integration.mddirect the agent to proactively useWebSearchandWebFetchto find current best practices and existing solutions. This establishes a surface for indirect prompt injection, where an adversary could place malicious instructions on a web page or repository that the agent might ingest while researching. - Ingestion points:
sub-skills/documentation.md,sub-skills/ecosystem-integration.md(via WebSearch/WebFetch tools). - Boundary markers: None specified to differentiate between instructions and searched content.
- Capability inventory: Development and architecture tasks including code generation and file management.
- Sanitization: No sanitization or filtering logic is provided for the external data being retrieved.
- [NO_CODE]: The provided skill files consist solely of Markdown documentation and instructions. No executable scripts, binaries, or automated configuration files were detected.
Audit Metadata