s-audit
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data in the form of WoW addon source code, which presents a surface for indirect prompt injection where an attacker could hide instructions in addon comments or strings.
- Ingestion points: Addon source files are ingested via the
addonparameter in MCP tools such asaddon.securityandaddon.complexity. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the analyzed code are present in the skill's markdown or tool descriptions.
- Capability inventory: The skill provides tools to read and analyze addon structure and logic.
- Sanitization: There is no evidence of sanitization, escaping, or validation of the external addon content before it is processed by the agent.
Audit Metadata