quote-post
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructions use override markers to dictate agent behavior and suppress standard summarization.
  - Evidence: "CRITICAL: Auto-start on load. When this skill triggers, go straight to Step 1. Do not summarise." in SKILL.md.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface by ingesting untrusted data and interpolating it into a downstream system prompt.
  - Ingestion points: User-provided caption (Step 1) and reference image description (Step 3).
  - Boundary markers: Absent; the quote is placed inside double quotes without instructions to ignore embedded commands.
  - Capability inventory: Generates a natural language prompt intended for use in an external model (Gemini).
  - Sanitization: Absent.
Audit Metadata