ai-slop-audit

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to process untrusted external data (artefacts) across multiple formats (text, code, images, URLs). Maliciously crafted content within these artefacts could attempt to influence the agent's audit verdict or instructions.
  • Ingestion points: The skill ingests data via 'The artefact itself (text, files, screenshots, repo path, or URL)' as defined in SKILL.md.
  • Boundary markers: There are no explicit delimiters or 'ignore embedded instructions' warnings defined for the interpolation of these artefacts into the prompt context.
  • Capability inventory: The skill possesses the capability to read local files, resolve dependencies against external registries (network access), and perform image/code analysis.
  • Sanitization: No explicit sanitization or filtering of the ingested artefact content is mentioned before it is processed by the agent's logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 04:57 PM
Security Audit — agent-trust-hub — ai-slop-audit