Skills
skills/alirezarezvani/claude-skills/senior-ml-engineer/Gen Agent Trust Hub

senior-ml-engineer

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains several examples of LLM prompt construction vulnerable to indirect prompt injection.
  • Ingestion points: In references/llm_integration_guide.md, the FEW_SHOT_TEMPLATE accepts user_input directly. In references/rag_system_architecture.md, the RAGPipeline ingests context retrieved from a vector database (potentially containing untrusted data) and user queries.
  • Boundary markers: There are no robust boundary markers or "ignore instructions" delimiters used in the prompt templates. For example, FEW_SHOT_TEMPLATE simply appends the input after a label, and RAGPipeline._build_prompt uses basic f-string interpolation.
  • Capability inventory: The skill includes scripts for model deployment (scripts/model_deployment_pipeline.py) and infrastructure setup, which could be exploited if an agent following these instructions is influenced by malicious instructions in the data.
  • Sanitization: No sanitization, escaping, or validation of the interpolated strings is present in the example code.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 05:53 AM