figure-description

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE

PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its processing of untrusted user-supplied documentation and image files.
  • Ingestion points: The workflow involves reading local project files including INVENTION_DISCLOSURE.md, CLAIMS.md, and various figure formats (PNG, JPG, SVG, PDF) via the Read tool.
  • Boundary markers: The instructions lack specific delimiters or "ignore instructions" warnings to protect the agent from interpreting embedded commands within the source documents.
  • Capability inventory: The agent is granted high-privilege tools such as Bash(*), Write, Edit, WebSearch, and WebFetch, which increases the potential impact if a malicious instruction is successfully injected.
  • Sanitization: There is no evidence of input validation, filtering, or escaping performed on the ingested data before it is processed by the language model.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 19, 2026, 03:14 AM