worked-example-walkthrough

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE (findings: PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • [PROMPT_INJECTION]: The skill is exposed to indirect prompt injection because it processes untrusted user-supplied data while holding execution capabilities.
  • Ingestion points: The skill ingests user-specified mathematical problems and parameters to generate its walkthrough frames, as described in SKILL.md.
  • Boundary markers: No boundary markers are placed around user data, and SKILL.md gives no instruction to ignore prompts embedded in it.
  • Capability inventory: The 'Guardrails' section in SKILL.md explicitly instructs the agent to use a Bash shell and numpy to compute states for complex problems.
  • Sanitization: No input validation or sanitization is specified for the user-provided math problems before they reach the computation stage.
  • [COMMAND_EXECUTION]: The skill encourages using a Bash shell to run numpy scripts that verify math operations. Although intended for accuracy, this creates a path by which untrusted input can influence code execution.
Audit Metadata
Risk Level: SAFE
Analyzed: May 20, 2026, 09:16 AM