voice-dna-creator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
- Indirect Prompt Injection (HIGH): The skill ingests untrusted writing samples and possesses a file-writing capability, which categorizes it as a high-risk surface for indirect prompt injection.
  * Ingestion points: Writing samples provided by the user or stored in the knowledge folder.
  * Boundary markers: Absent; the skill does not instruct the agent to ignore instructions embedded within the samples.
  * Capability inventory: The skill explicitly directs the agent to save analysis results to '/context/voice-dna.json'.
  * Sanitization: Absent; findings are synthesized directly from external content.
- Data Exposure (LOW): There is a risk that sensitive personal information or credentials contained within writing samples could be extracted and stored in the persistent JSON profile.
Recommendations
- AI detected serious security threats