skill-crafting
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill uses strong mandatory directives ("Do not proceed without it", "Do not proceed without it") to force the agent into a specific workflow. While intended for process control using an internal reference, this pattern of overriding default behavior with absolute constraints is a common injection technique.
- Indirect Prompt Injection (LOW):
- Ingestion points: The skill triggers on requests to "create", "edit", "modify", or "refine" skills, meaning it directly processes arbitrary user-provided text as input for its "co-development flywheel."
- Boundary markers: None identified. The skill lacks explicit instructions to sanitize or ignore instructions embedded within the skill drafts provided by users.
- Capability inventory: The skill is designed to "create" and "modify" skills, which implies the ability to write files to the workspace or alter the agent's functional configuration.
- Sanitization: No evidence of sanitization or validation of the user-provided skill content.
- Metadata Analysis (INFO): The extensive list of triggers ensures the skill is highly likely to be invoked for a wide range of natural language requests, increasing the surface area for user-driven interactions.
Audit Metadata