resilience-audit
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to ingest and process untrusted application source code and live web content.\n
- Ingestion points: Source code files are read during the exploration phase (Phase 2), and live web content is accessed during interactive verification (Phase 4).\n
- Boundary markers: Prompts provided for sub-agents (e.g., in references/agent-prompts.md) do not utilize explicit delimiters or safety instructions to distinguish between the skill's instructions and the untrusted content being analyzed.\n
- Capability inventory: The skill maintains the ability to write to the local filesystem (reports/resilience-audit.md) and execute browser-based tasks via platform-specific tools (tabs_context_mcp, tabs_create_mcp).\n
- Sanitization: No validation or sanitization mechanisms are implemented for the data retrieved from the audited codebase or web pages before it is processed or reported.
Audit Metadata