distill
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes user-provided design specifications and codebases.
- Ingestion points: The [target] argument and project source files provided in the context.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the skill instructions.
- Capability inventory: The agent is instructed to modify the project's code structure and remove elements, which could be exploited if the target data contains malicious instructions.
- Sanitization: No validation or sanitization of the input data is performed before the agent acts on the simplification instructions.
- [NO_CODE]: The skill is composed entirely of markdown instructions and does not include any executable scripts, binaries, or configuration files.
Audit Metadata