crypto-vulnerability-analyst
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and analyze external data (code and protocol descriptions), which introduces a vulnerability surface for indirect prompt injection.
- Ingestion points: The skill accepts 'code_or_binary_context', 'protocol_description', and 'key_management_model' as primary inputs in SKILL.md.
- Boundary markers: The instructions do not define specific delimiters or security guardrails to distinguish between input data and system instructions.
- Capability inventory: The skill is restricted to text-based analysis and JSON generation; it contains no evidence of file-system access, network operations, or shell command execution capabilities.
- Sanitization: No input validation or sanitization procedures are specified for the context provided by the user.
Audit Metadata