ia-format
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection as it processes untrusted data from external files or user input.
- Ingestion points: The skill reads content from file paths or text blocks provided via
$ARGUMENTSinSKILL.md. - Boundary markers: There are no delimiters or instructions defined to prevent the agent from following malicious instructions that might be embedded in the content being formatted.
- Capability inventory: The skill performs file write operations (overwriting files) across the workspace as described in
SKILL.md. - Sanitization: No sanitization or validation of the input text is specified before the formatting process begins.
Audit Metadata