iblai-security-prompt-injection

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill documentation includes common prompt injection patterns like 'Ignore previous instructions' and 'What is your system prompt?'. These are explicitly categorized as examples for the agent to look for during security assessments and do not constitute an attempt to subvert the agent's own instructions.
  • [COMMAND_EXECUTION]: The skill is configured to use the Bash tool. The instructions direct the agent to use this tool for benign static analysis tasks, such as using 'grep' to find AI-related API calls in a local codebase.
  • [EXTERNAL_DOWNLOADS]: The skill mentions external references including OWASP, NIST, and MITRE. These are well-known security organizations, and the skill does not attempt to download or execute code from these sources automatically.
  • [DATA_EXFILTRATION]: No patterns indicative of credential harvesting or unauthorized data transmission were found. The skill emphasizes identifying and remediating insecure data handling in the applications being audited.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 03:47 PM
Security Audit — agent-trust-hub — iblai-security-prompt-injection