integrity-validation
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Category: PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The validation and recovery logic creates a significant vulnerability surface by reacting to changes in the environment without proper isolation.
- Ingestion points: The system inventories agents, commands, and files across the workspace via functions like list_all_agents() and identify_critical_files() within the SKILL.md pseudocode.
- Boundary markers: Absent; the logic does not include delimiters or instructions to ignore instructions embedded within the components it discovers.
- Capability inventory: The skill possesses the ability to perform auto-restoration (file system writes) and trigger execute_operation() (command execution) based on its findings.
- Sanitization: Absent; the skill lacks validation or sanitization logic for the components it identifies, so a maliciously named or modified file could take control of the agent's behavior during the 'recovery' or 'alert' processing stages.
Recommendations
- AI detected serious security threats
Audit Metadata