skills/mukul975/anthropic-cybersecurity-skills/testing-for-system-prompt-leakage/Gen Agent Trust Hub
testing-for-system-prompt-leakage
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill provides instructions and a script containing common prompt injection and instruction-override payloads. These are presented as deliberate test cases for evaluating an LLM's resistance to extraction attacks, consistent with the skill's security testing focus.
- [COMMAND_EXECUTION]: Instructions guide users on installing and using established security tools like
garakandpromptfoo. These commands are standard for setting up the necessary environment for AI vulnerability scanning. - [EXTERNAL_DOWNLOADS]: The skill references the installation of well-known security frameworks and the
openaiSDK from public registries. These are legitimate dependencies for the provided testing functionality. - [DATA_EXFILTRATION]: The
agent.pyutility communicates with model endpoints to assess them for leakage. This network interaction is a core functional requirement and is triggered based on user-supplied API keys and endpoint configuration.
Audit Metadata