qa
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it evaluates untrusted artifacts. 1. Ingestion points: artifact content via file paths and text input as described in SKILL.md. 2. Boundary markers: no specific delimiters are defined for the evaluation context. 3. Capability inventory: file reading and MCP tool calls in SKILL.md. 4. Sanitization: no input validation is performed.
- [COMMAND_EXECUTION]: In fallback mode, the skill dynamically loads its own instructional logic from a project-relative file path specified in SKILL.md.
Audit Metadata