fixing-metadata
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection vulnerability surface. 1. Ingestion points: The skill accepts external files as input via the /fixing-metadata command. 2. Boundary markers: The instructions do not define delimiters or specific isolation markers for the ingested content. 3. Capability inventory: The agent is instructed to review file content and provide code-level suggestions, creating an opportunity for embedded instructions to influence agent output. 4. Sanitization: No sanitization or validation of the input file content is implemented within the skill.
Audit Metadata