andrej-karpathy-perspective
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill implements an 'Agentic Protocol' in SKILL.md that requires the agent to use web search tools for fact-gathering. This introduces a surface for Indirect Prompt Injection.
  - Ingestion points: External data from search results enters the agent's context.
  - Boundary markers: Absent; the skill does not instruct the agent to use delimiters or warnings for retrieved data.
  - Capability inventory: The agent has access to WebSearch.
  - Sanitization: Absent; no instructions for filtering or escaping external content are provided.
- [NO_CODE]: The skill consists entirely of Markdown documentation and persona instructions and contains no executable scripts or binaries.
Audit Metadata