sf-b2c-isml

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: The skill functions as a developer reference for ISML syntax and template inheritance. It includes comprehensive instructions on security best practices, particularly regarding the use of correct encoding modes for the tag to prevent cross-site scripting (XSS) vulnerabilities.\n- [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection by instructing the agent to fetch live documentation from the web. \n
  • Ingestion points: External documentation is retrieved via WebSearch and WebFetch in SKILL.md.\n
  • Boundary markers: No specific delimiters or "ignore instructions" warnings are defined for the fetched external content.\n
  • Capability inventory: The skill has access to tools including Bash, Write, Edit, and Read.\n
  • Sanitization: The skill does not specify filtering or validation steps for content retrieved from external sources.\n- [EXTERNAL_DOWNLOADS]: The skill performs network operations using WebFetch to retrieve technical references. These operations target well-known technology services and official documentation repositories, which is considered standard and safe operational behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 02:51 PM
Security Audit — agent-trust-hub — sf-b2c-isml