wiring-doc

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from local project files. \n
  • Ingestion points: The skill reads various project files including main/*.c, main/*.h, main/CMakeLists.txt, sdkconfig.defaults, justfile, README.md, CLAUDE.md, and Kconfig.projbuild. \n
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to isolate the ingested file content from its main instructions. \n
  • Capability inventory: The skill utilizes Write, Edit, and Agent tools, which could potentially be misused if the agent follows malicious instructions embedded within the source files. \n
  • Sanitization: No explicit sanitization, filtering, or validation is performed on the content of the files before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 08:45 AM
Security Audit — agent-trust-hub — wiring-doc