context-compressor
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection vulnerability.
- Ingestion points: The skill processes external, untrusted content including conversation histories, source code files, and research results as defined in SKILL.md.
- Boundary markers: The instructions lack explicit boundary markers or directives to ignore instructions within the content being compressed.
- Capability inventory: The skill is configured for implicit invocation in agents/openai.yaml, allowing it to trigger automatically on untrusted data.
- Sanitization: No sanitization or validation steps are defined for the input data before processing.
- [NO_CODE]: The skill consists of prompt instructions and YAML configuration files but does not include any executable scripts or binary files.
Audit Metadata