competition-web-runtime
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it is designed to ingest and process untrusted data from external web sources.\n
- Ingestion points: The skill instructs the agent to analyze untrusted artifacts including Entry HTML, boot scripts, runtime configuration, and API responses (documented in SKILL.md and references/routing-runtime.md).\n
- Boundary markers: The instructions lack specific delimiters or warnings to treat text embedded within the analyzed data as non-instructional content.\n
- Capability inventory: The skill facilitates the capture and analysis of network requests, headers, and browser storage, which are sensitive operations when performed on untrusted input.\n
- Sanitization: There are no instructions for sanitizing or escaping the external content before it is processed by the agent.\n- [NO_CODE]: The skill consists entirely of markdown instructions and YAML configuration files; no executable scripts, binaries, or library dependencies are included in the package.
Audit Metadata