explore
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection attack surface because it is instructed to ingest and synthesize data from potentially untrusted sources.
- Ingestion points: Processes repository files, documentation, configurations, and external references as defined in the LOAD_CONTEXT workflow step within SKILL.md.
- Boundary markers: The instructions lack explicit delimiters or warnings to ignore embedded instructions within the source material being explored.
- Capability inventory: The skill has the capability to write and update files in the
docs/designs/directory based on its synthesis of gathered information. - Sanitization: There is no evidence of sanitization, validation, or filtering of the content ingested from the external sources before it is used to generate artifacts.
Audit Metadata