ai-artist
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Prompt Injection (SAFE): The skill contains no malicious instructions. On the contrary, it provides detailed references for 'Jailbreak Prevention', 'Safety Patterns', and 'Hallucination Reduction' (e.g., in
references/advanced-techniques.mdandreferences/llm-prompting.md). - Data Exposure & Exfiltration (SAFE): No credentials, sensitive file paths, or unauthorized network operations were detected. Mentions of tools like
google_searchorcode()are purely descriptive templates for model behavior. - Indirect Prompt Injection (SAFE): While the skill defines templates that ingest external data (e.g.,
<text>[content]</text>inreferences/domain-data.md), it explicitly uses and recommends XML boundary markers and 'output filtering' logic to mitigate risks. - Ingestion points: Multiple placeholders for external content across domain-specific reference files.
- Boundary markers: Consistently uses XML tags (e.g.,
<context>,<task>,<retrieved_context>) to delimit untrusted data. - Capability inventory: None. The skill consists entirely of Markdown files and contains no executable code or scripts.
- Sanitization: Recommends architectural patterns like 'Self-Critique' and 'Constitutional AI' to validate outputs.
- Remote Code Execution (SAFE): No remote code patterns detected. References to frameworks like DSPy are conceptual and do not involve package installations.
- Persistence & Privilege Escalation (SAFE): No system-level commands or persistence mechanisms are present.
Audit Metadata