exploit-writer
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious patterns, encoded payloads, or suspicious activity were detected. The skill's purpose is to help security researchers document and verify exploit primitives in a structured manner.
- [NO_CODE]: The skill consists entirely of markdown-based instructions and process templates. It does not include any Python scripts, Node.js code, or shell commands that could be executed by an agent.
- [PROMPT_INJECTION]: The skill describes a process for handling untrusted technical data, which represents a potential indirect prompt injection surface. However, the skill lacks the capabilities required to execute commands.
- Ingestion points: Untrusted data enters via inputs like
validated_primitiveandtarget_contextdefined in SKILL.md. - Boundary markers: There are no explicit markers or instructions to isolate or ignore embedded commands in the processed data.
- Capability inventory: The skill possesses no subprocess, file-system, or network execution capabilities.
- Sanitization: No validation or sanitization routines are included for external data inputs.
Audit Metadata