research
Pass
Audited by Gen Agent Trust Hub on Jul 14, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from external sources and writes to the local filesystem, creating an attack surface for indirect prompt injection.
- Ingestion points: Primary sources like official docs, source code, and first-party APIs mentioned in SKILL.md.
- Boundary markers: Absent. There are no instructions to isolate or delimit external content.
- Capability inventory: The skill uses filesystem write capabilities to save Markdown files.
- Sanitization: Absent. The instructions do not mandate sanitization or validation of the retrieved content.
Audit Metadata