skill-factory

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill architecture creates a surface for indirect prompt injection (Category 8) by processing external research data to generate new skill instructions.
  • Ingestion points: External research materials are processed by scripts/format_skill_research.py and then synthesized into SKILL.md during the 'write' phase of the workflow.
  • Boundary markers: Absent. While the workflow follows a logical sequence, there are no specific prompt delimiters mentioned to prevent the LLM from obeying instructions embedded in the research text.
  • Capability inventory: The orchestrator utilizes the SlashCommand tool and can write files to the file system to initialize and modify skill structures (documented in SKILL.md).
  • Sanitization: Present. The scripts/format_skill_research.py script uses regular expressions to remove UI-specific artifacts from research materials, providing structural but not behavioral sanitization.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 04:45 PM