humanize
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill incorporates an 'Indirect Prompt Injection' attack surface through its 'Voice Calibration' feature, which processes user-specified files to adapt the agent's writing style.
- Ingestion points: Local file paths provided by users in the 'Voice Calibration' section of SKILL.md.
- Boundary markers: Absent; there are no instructions for the agent to differentiate between the sample text and potentially malicious commands embedded within the sample files.
- Capability inventory: File system read access (via agent tools) is required to retrieve the content of the user-provided sample paths.
- Sanitization: Absent; the skill does not perform validation or filtering of the file paths or the content loaded for analysis.
- [DATA_EXFILTRATION]: The instruction to read from user-provided file paths allows for the potential ingestion of sensitive system or configuration files (e.g., .env, SSH keys) into the agent's memory if a user or malicious prompt directs the agent to a sensitive location.
Audit Metadata