astro-islands

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill's mandatory workflow requires the agent to ingest data from external sources via research and documentation query tools (fuse-ai-pilot:research-expert and mcp__context7__query-docs). This creates an indirect prompt injection surface where malicious content from the web or third-party documentation could influence the implementation logic provided by the agent.\n
  • Ingestion points: Workflow steps in SKILL.md mandate using fuse-ai-pilot:research-expert (web research) and mcp__context7__query-docs (documentation retrieval) to guide the implementation.\n
  • Boundary markers: The instructions do not specify any delimiters or warnings to ignore potentially malicious embedded instructions within the fetched external data.\n
  • Capability inventory: The agent has the capability to implement code (TeamCreate, fuse-ai-pilot:explore-codebase) and perform validation (fuse-ai-pilot:sniper) based on the ingested content.\n
  • Sanitization: No explicit sanitization, validation, or filtering of the external content is described in the skill's instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 10:54 AM
Security Audit — agent-trust-hub — astro-islands