skill-audit

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill documentation includes examples of common prompt injection phrases like 'ignore previous instructions' and 'you are now...'. These are documented as diagnostic patterns to be identified in other skills and are not intended as active instructions for the agent to follow.
  • [PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted content from third-party repositories, creating a surface for potential indirect prompt injection attacks.
      • Ingestion points: The skill instructs the agent to read and inspect SKILL.md files and associated scripts from external, user-provided sources.
      • Boundary markers: There are no explicit instructions provided for the agent to use delimiters or to treat instructions found within audited files as inert data.
      • Capability inventory: The skill encourages reading external scripts and repository metadata to identify malicious patterns.
      • Sanitization: No specific sanitization, validation, or escaping mechanisms are described for the content being processed during the audit phases.
Audit Metadata
Risk Level: SAFE
Analyzed: May 4, 2026, 04:38 PM