humanizer
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a vulnerability to indirect prompt injection due to its handling of external data combined with powerful tool access. . . Ingestion points: The skill reads untrusted content via the $ARGUMENTS parameter (accepting either raw text or file paths) as defined in SKILL.md. . . Boundary markers: The skill does not provide the agent with specific delimiters or instructions to distinguish between the content to be processed and potential embedded malicious instructions. . . Capability inventory: The skill metadata in SKILL.md authorizes the agent to use the Read, Write, Edit, Grep, Glob, and AskUserQuestion tools. . . Sanitization: There are no instructions within the skill logic to validate or sanitize user-provided text before it is processed by the agent using its file-system tools.
Audit Metadata