skill-stocktake
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests content from other SKILL.md files for evaluation, creating a surface for indirect prompt injection where a malicious target skill could attempt to influence the audit outcome.
- Ingestion points: Recursive reading of skill files in the .agent/skills directory.
- Boundary markers: None mentioned.
- Capability inventory: Recommends file system deletions and performs web searches for package verification.
- Sanitization: Relies on structured rubric evaluation.
Audit Metadata