list-affitor-skill
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted input through the
raw_promptfield to generate documentation. This constitutes an indirect prompt injection surface where malicious instructions in the input could be included in the generated output. - Ingestion points: The
raw_promptfield in the input schema defined inSKILL.md. - Boundary markers: No specific boundary markers or instructions to ignore embedded commands are present in the workflow logic.
- Capability inventory: The skill's primary capability is text generation and formatting; it does not possess capabilities for file writing, network requests, or command execution.
- Sanitization: No validation or sanitization is performed on the user-provided prompt before it is used to generate the new skill structure.
- [SAFE]: No evidence of hardcoded credentials, unauthorized data access, obfuscation, or persistence mechanisms was found in the analyzed file.
Audit Metadata