principle-boundary-discipline

Pass

Audited by Gen Agent Trust Hub on Jul 10, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains instructions that attempt to override the agent's default behavior and model selection logic. It explicitly directs the agent to replace standard model defaults with "Codex gpt-5.6-sol" (a non-existent model) and to treat specific task calls as delegation triggers for external workers.
  • [PROMPT_INJECTION]: The instruction "Trust internal code unconditionally" is presented as a software architecture principle (Boundary Discipline) but poses a risk if the agent adopts this as a behavioral constraint, potentially leading it to bypass validation or safety reviews of its own generated code or internal state.
  • [PROMPT_INJECTION]: The skill defines a set of behavioral overrides ("Uni-pstack Runtime Adapter") that instruct the agent to disregard conceptual cues from other tools and instead use specific host terminal and git tools, effectively hijacking the agent's interpretation of standard workflow instructions.
  • [PROMPT_INJECTION]: The guidance to "Apply these overrides before following the original workflow" is a classic prompt injection pattern aimed at modifying the agent's core operating instructions for subsequent tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 10, 2026, 04:46 PM