award-application
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists exclusively of instructions in the SKILL.md file and does not include any executable scripts, binaries, or configuration files.
- [PROMPT_INJECTION]: The skill instructs the agent to fetch content from user-provided URLs to identify award criteria. This creates a surface for indirect prompt injection where malicious content on a website could attempt to influence the agent's output.
- Ingestion points: The process in
SKILL.md(Step 1) involves fetching a "criteria page" from a URL provided by the user. - Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the guidelines.
- Capability inventory: The skill's capabilities are limited to text generation and summarization; no shell execution or sensitive file access tools are defined or requested.
- Sanitization: The instructions do not include steps for sanitizing or validating the content retrieved from external URLs.
Audit Metadata