implement
Pass
Audited by Gen Agent Trust Hub on May 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates external task data which could contain malicious instructions designed to hijack the agent's behavior.\n
- Ingestion points: External data sources including task descriptions provided via the
argument-hintand project specifications referenced in Step 1 of the workflow.\n - Boundary markers: Absent; the instructions do not define delimiters or provide warnings to the agent to ignore instructions embedded in the task data.\n
- Capability inventory: The skill allows for file modification (Step 3) and execution of test suites and project checks (Step 4).\n
- Sanitization: Absent; there is no mechanism described for validating or sanitizing input data before it is acted upon.
Audit Metadata