recursive-string-diagrams
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The 'Skill Creation Protocol' in
SKILL.mdinstructs the agent to generate new skill definitions and save them to the local filesystem at~/.claude/skills/<name>/SKILL.md. This behavior creates an attack surface for indirect prompt injection if the inputs to the generation process (the 'Seed') are provided by an untrusted source. - Ingestion points: The 'Seed' and recursive generation logic defined in the Skill Creation Protocol in
SKILL.md. - Boundary markers: Absent; the protocol does not specify any sanitization or validation of the generated content before it is written to disk.
- Capability inventory: File-write operations to the agent's local configuration directory (
~/.claude/skills/). - Sanitization: Absent; the protocol lacks instructions to escape or verify the integrity of the resulting skill file content.
Audit Metadata