code-scoring
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to analyze and score untrusted code provided by users, which introduces a surface for indirect prompt injection. This could allow instructions hidden within code snippets to influence the agent's scoring behavior or report output.
- Ingestion points: The instructions in SKILL.md prompt the agent to process code directly from user input (e.g., 'Score this code on a 1-10 scale').
- Boundary markers: The instructions lack explicit boundary markers or directives to treat input code as passive data, which increases the likelihood of the agent inadvertently following instructions embedded in the code.
- Capability inventory: The skill is restricted to text processing and does not request access to shell execution, file system writes, or network operations, which significantly mitigates the impact of potential injections.
- Sanitization: No sanitization or validation mechanisms are defined to filter out or escape potentially malicious instructions within the code being evaluated.
Audit Metadata