Skills
skills/athola/claude-night-market/token-conservation/Gen Agent Trust Hub

token-conservation

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection through its instructions to read and process external data sources.
  • Ingestion points: File content ingested via Read and Grep tools, and PDF content processing (SKILL.md).
  • Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings when reading external content.
  • Capability inventory: The skill environment includes file modification capabilities (Edit, Write tools) and interaction with external tools/models (Qwen MCP).
  • Sanitization: There is no mention of sanitizing, escaping, or validating the content retrieved from external files before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 12:38 AM