morphiq-build

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE · PROMPT_INJECTION · COMMAND_EXECUTION · EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from external URLs for analysis and content generation.
      • Ingestion points: scripts/extract-content.py (crawled HTML) and scripts/ingest-sources.py (URL inputs).
      • Boundary markers: The instructions in SKILL.md lack explicit delimiters or instructions to ignore embedded commands within ingested content.
      • Capability inventory: The skill leverages the agent's search, extraction, and generation capabilities to rewrite content based on external data.
      • Sanitization: scripts/extract-content.py provides structural sanitization by stripping HTML tags and converting content to markdown.
  • [COMMAND_EXECUTION]: The skill routinely executes local Python scripts (e.g., scripts/analyze-gaps.py, scripts/inject-schema.py, scripts/quality-rewrite.py) to process data passed through standard input and command-line arguments.
  • [EXTERNAL_DOWNLOADS]: The scripts/generate-llms-txt.py script performs direct network requests using the urllib.request library to fetch sitemap files from external domains. The core pipeline also involves downloading content from multiple external sources for research purposes.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 29, 2026, 05:54 PM