semantic-equivalence-verifier
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it is designed to ingest and analyze untrusted code artifacts.
- Ingestion points: The skill explicitly takes 'Artifact A' and 'Artifact B' (code functions, classes, or modules) as primary inputs for its analysis workflow (SKILL.md).
- Boundary markers: While the instructions specify using markdown blocks for input artifacts, there are no explicit directives for the agent to ignore or sanitize instructions embedded within the code, such as in comments or strings.
- Capability inventory: The skill directs the agent to perform deep analysis, including control flow extraction and the use of symbolic execution tools (Z3, Angr) and formal methods, which increases the potential impact of an injection (SKILL.md, references/symbolic_execution.md).
- Sanitization: The documentation lacks any mention of sanitizing, escaping, or validating the input code artifacts before analysis.
Audit Metadata