skills/infranodus/skills/llm-wiki/Gen Agent Trust Hub

llm-wiki

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION

Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an Indirect Prompt Injection surface during its ingestion and processing phases.
      • Ingestion points: The skill reads and processes external data from the raw/ directory (SKILL.md), including web content, YouTube transcripts, and documents fetched from the web (Phases 8 and 9).
      • Boundary markers: The skill lacks instructions to use delimiters or specific warnings to ignore instructions embedded within the processed raw data.
      • Capability inventory: The agent has access to Read, Write, and Bash tools (SKILL.md) which are used during the acquisition and ingestion phases.
      • Sanitization: There is no evidence of sanitizing or validating the content of external sources before they are processed by the agent.
  • [COMMAND_EXECUTION]: The skill provides bash snippets in the preamble and inventory steps (Phases 8 and 9) to perform git branch checks and file discovery.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 29, 2026, 03:03 PM

Security Audit — agent-trust-hub — llm-wiki