receive-feedback

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes external feedback data from a file path provided via the $ARGUMENTS variable. An attacker providing a malicious feedback file could include instructions designed to override the agent's core logic or manipulate the verification process.
    • Ingestion points: Feedback content is read from a file specified at runtime in the $ARGUMENTS parameter (SKILL.md).
    • Boundary markers: The skill does not define clear delimiters or instructions for the agent to ignore potentially malicious commands within the feedback text.
    • Capability inventory: The skill uses tools like Read and Grep, and it specifically instructs the agent to "reproduce with test or script" (VERIFICATION.md), which involves executing code on the local environment.
    • Sanitization: There is no mention of sanitizing or validating the contents of the feedback file before the agent processes and acts upon the items.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 9, 2026, 10:44 AM