evaluate-levitation-mechanism

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its required input fields. An attacker could embed instructions within the 'Application description' to manipulate the agent's logic during the evaluation process.
  • Ingestion points: The 'Inputs' section in SKILL.md defines several entry points for untrusted data, including 'Application description' and 'Payload properties'.
  • Boundary markers: The procedure lacks explicit delimiters or system instructions to distinguish the user's data from the agent's core logic, increasing the risk that the agent obeys instructions embedded in the input data.
  • Capability inventory: The skill is granted access to powerful tools including WebFetch, WebSearch, Read, Grep, and Glob, which could be abused if an injection is successful.
  • Sanitization: There is no evidence of input validation, filtering, or sanitization steps to neutralize potential command or instruction injection in the provided methodology.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 18, 2026, 07:13 AM