structured-content-storage
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's primary function involves reading and understanding existing codebases to enforce structural standards. This creates a vulnerability surface for indirect prompt injection, where malicious instructions embedded in the project files being processed could influence the agent. \n
- Ingestion points: The SKILL.md instructions require the agent to read and understand original project structures and files before modification. \n
- Boundary markers: There are no explicit instructions to use boundary markers or to treat embedded instructions in the source files as untrusted data. \n
- Capability inventory: The skill performs file system operations (reading, writing, and directory creation) which could be misdirected by injected instructions. \n
- Sanitization: No sanitization or filtering of input content is specified before the agent processes the code for documentation purposes.
Audit Metadata