prompt-repetition
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No sensitive data exposure, exfiltration patterns, or hardcoded credentials were identified in the skill metadata or code scripts. The logic focuses on string manipulation for prompt engineering purposes.\n- [SAFE]: No obfuscation techniques, such as Base64 encoding of commands, zero-width characters, or homoglyphs, were detected in the provided files.\n- [SAFE]: The Python script uses only standard libraries (re, dataclasses, typing) and does not perform any remote code execution, external downloads, or subprocess calls.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to ingest and repeat untrusted user prompts to influence model attention.\n
- Ingestion points: The
promptparameter inPromptRepetitionTransformer.transformandPromptRepetitionTransformer.wrap_llm_callinprompt_repetition_transformer.py.\n - Boundary markers: The skill prepends a marker
<!-- prompt-repetition-applied -->to the modified prompt but does not use sanitization or internal delimiters to isolate repeated untrusted content.\n - Capability inventory: The skill does not possess high-privilege capabilities such as file system access, network operations, or shell execution.\n
- Sanitization: No escaping or validation is performed on the input prompt before it is repeated and returned to the agent context.
Audit Metadata