ingest
Pass
Audited by Gen Agent Trust Hub on Jun 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill is designed to ingest and process raw files from the
raw/directory, which constitutes untrusted external data. - Ingestion points: The skill reads source files in the
raw/directory as specified in the "Steps" section ofSKILL.md. - Boundary markers: The instructions lack boundary markers or explicit warnings to ignore instructions embedded within the source files during the distillation process.
- Capability inventory: The skill possesses significant file-write capabilities across the
wiki/directory, including creating new pages and modifying the index and log files. - Sanitization: No sanitization, escaping, or validation steps are defined for the content extracted from external source files before it is used to generate or update wiki pages.
Audit Metadata