grad-cct
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it is designed to ingest and interpret untrusted social media content through netnography.\n
- Ingestion points: SKILL.md and examples/sample_scenario.md describe analyzing posts from communities like Dcard and Facebook.\n
- Boundary markers: Absent; no instructions are provided to isolate the analyzed data or warn the agent about embedded commands.\n
- Capability inventory: None; the skill defines no external tools (e.g., shell, network), limiting the potential impact of an injection.\n
- Sanitization: Absent; no input validation or filtering is specified.\n- [SAFE]: No hardcoded credentials or sensitive file access was detected.\n- [SAFE]: No obfuscation, multi-layer encoding, or hidden URLs were found.\n- [SAFE]: No remote code execution or untrusted downloads are performed.
Audit Metadata