research
Pass
Audited by Gen Agent Trust Hub on Jul 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's primary function involves ingesting data from external untrusted sources, which exposes it to indirect prompt injection risks.
- Ingestion points: The skill reads from official docs, source code, specifications, and first-party APIs (as described in SKILL.md).
- Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore embedded commands within the sourced material.
- Capability inventory: The agent has the capability to write findings to Markdown files within the local repository (SKILL.md).
- Sanitization: No sanitization, validation, or filtering mechanisms for the external content are specified in the instructions.
Audit Metadata