skills/zenon-red/skills/zr-vote/Gen Agent Trust Hub

zr-vote

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it evaluates content from external sources (pending ideas) to determine its actions. Maliciously crafted ideas could contain instructions to influence the agent's scoring or voting behavior.
  • Ingestion points: Untrusted data enters the context via probe idea get and probe idea pending commands described in SKILL.md.
  • Boundary markers: There are no explicit instructions or delimiters defined to separate the idea content from the agent's system instructions.
  • Capability inventory: The skill has the ability to perform state-changing operations including probe idea vote (up, down, and veto).
  • Sanitization: The skill does not specify any validation or sanitization logic for the content retrieved from the probe tool.
Audit Metadata
Risk Level
SAFE
Analyzed
May 10, 2026, 02:49 AM
Security Audit — agent-trust-hub — zr-vote