changelog

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE [PROMPT_INJECTION]
Full Analysis
  • [PROMPT_INJECTION]: The skill instructs the agent to ingest user-provided descriptions and write them into the project's readme.txt file. This creates an indirect prompt injection vulnerability where malicious input could be stored and subsequently processed by other automated systems.
    • Ingestion points: User-provided descriptions of changes are collected as the primary data source in Step 1 of the workflow described in SKILL.md.
    • Boundary markers: The instructions do not specify the use of delimiters, boundary markers, or "ignore embedded instruction" warnings when interpolating user content into the file.
    • Capability inventory: The skill utilizes Read and Edit tools for file system interaction, allowing it to modify project documentation.
    • Sanitization: There is no evidence of input validation, escaping, or sanitization rules for the text provided by the user before it is written to the target file.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 22, 2026, 02:04 AM