talk-normal-llm-prompt

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Clones a repository from an untrusted GitHub account (hexiecs/talk-normal). Although GitHub is a well-known service, the repository content is managed by a third party not affiliated with the skill author.
  • [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface by ingesting the contents of an external file (prompt.md) and utilizing it as a system-level instruction for various AI models. This allows external content to potentially override or manipulate the model's intended behavior.
      • Ingestion points: prompt.md (read via local file access after cloning)
      • Boundary markers: Absent. The prompt content is used directly as the system role content without delimiters or ignore-instructions.
      • Capability inventory: Network access via curl and multiple LLM API clients (openai, anthropic, google.generativeai).
      • Sanitization: Absent. The skill provides no validation or filtering of the content read from the external file before it is used as a system instruction.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 13, 2026, 03:14 AM