Skills
skills/acostanzo/quickstop/odin/Gen Agent Trust Hub

odin

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by passing unsanitized user input directly to a sub-agent.
  • Ingestion points: The $ARGUMENTS variable from the user command is utilized in Step 4 to construct the prompt for the Munin agent.
  • Boundary markers: Absent. The user input is appended directly to the instruction 'Search for information about: $ARGUMENTS' without the use of XML tags or other delimiters that might prevent the sub-agent from following instructions embedded within the user input.
  • Capability inventory: The bifrost-munin sub-agent is granted access to the <BIFROST_REPO> directory, allowing it to read files across several memory layers based on the search prompt.
  • Sanitization: No sanitization, validation, or escaping is performed on the $ARGUMENTS string before it is interpolated into the agent prompt.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 10:20 PM