poc

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
Findings: NO_CODE, PROMPT_INJECTION
Full Analysis
  • [NO_CODE]: The skill consists of instructional markdown and configuration metadata. It contains no executable scripts (Python, Node.js, Shell, etc.) or binary files.
  • [SAFE]: The skill provides guidelines for research and prototyping. It explicitly instructs the agent to 'Never request/store secrets' and 'Prefer mocks/sample data over sensitive data.'
  • [PROMPT_INJECTION]: The skill is designed to process external inputs such as existing code or API specifications, creating a surface for indirect prompt injection.
    1. Ingestion points: Untrusted data enters the agent context through 'Existing code, APIs, or competing approaches' as described in SKILL.md.
    2. Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the provided code samples.
    3. Capability inventory: The skill is restricted to generating text-based artifacts like code sketches and plans; it lacks the capability for subprocess execution, file system writes, or network exfiltration.
    4. Sanitization: No sanitization, validation, or escaping of input code is defined.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 11:29 AM