skills/owainlewis/blueprint/implement/Gen Agent Trust Hub

implement

Pass

Audited by Gen Agent Trust Hub on May 27, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates external task data which could contain malicious instructions designed to hijack the agent's behavior.\n
  • Ingestion points: External data sources including task descriptions provided via the argument-hint and project specifications referenced in Step 1 of the workflow.\n
  • Boundary markers: Absent; the instructions do not define delimiters or provide warnings to the agent to ignore instructions embedded in the task data.\n
  • Capability inventory: The skill allows for file modification (Step 3) and execution of test suites and project checks (Step 4).\n
  • Sanitization: Absent; there is no mechanism described for validating or sanitizing input data before it is acted upon.
Audit Metadata
Risk Level
SAFE
Analyzed
May 27, 2026, 04:34 AM
Security Audit — agent-trust-hub — implement