security-guidelines
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTIONNO_CODE
Full Analysis
- PROMPT_INJECTION (MEDIUM): High-risk surface for Indirect Prompt Injection. Evidence: (1) Ingestion point: Skill processes external code snippets as defined in the Phase 1 workflow of SKILL.md. (2) Boundary markers: Absent; no instruction for the agent to use delimiters to isolate user code from its internal logic. (3) Capability inventory: Influences critical security decisions, including authentication implementation and access control remediation. (4) Sanitization: Absent; no guidelines to filter or ignore instructions embedded in comments or strings within the analyzed files.
- NO_CODE (INFO): The skill contains no executable scripts, system commands, or external package dependencies.
Audit Metadata