skills/boojack/skills/writing-designs/Gen Agent Trust Hub

writing-designs

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH

PROMPT_INJECTION
Full Analysis
  • PROMPT_INJECTION (HIGH): The skill is highly vulnerable to Indirect Prompt Injection (Category 8).
      • Ingestion points: The skill reads local definition.md files and utilizes WebFetch to ingest external content from engineering blogs and GitHub repositories.
      • Boundary markers: No delimiters or instructions to ignore embedded commands within the fetched data are present.
      • Capability inventory: The skill has the capability to write a design.md file to the local filesystem based on the processed untrusted data.
      • Sanitization: No evidence of sanitization, escaping, or validation of the external content before it is processed or written to disk.
  • DATA_EXFILTRATION (LOW): While the skill is designed to fetch information, the combination of file-read access and network-fetch capability creates a theoretical path for data exfiltration if the agent is successfully injected via a malicious issue definition.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 11:39 AM