Skills
skills/charpup/skill-security-auditor/prompt_injection_test/Gen Agent Trust Hub

prompt_injection_test

Fail

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: HIGHPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The script 'TOOL.py' contains hardcoded instructions designed to bypass agent constraints using the 'DAN' (Do Anything Now) jailbreak pattern.
  • [PROMPT_INJECTION]: The script 'TOOL.py' contains explicit commands intended to force the agent to reveal its system prompt instructions.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface where untrusted data is interpolated into instructions.
  • Ingestion points: The 'user_input' parameter in the 'process_user_input' function in 'TOOL.py'.
  • Boundary markers: Absent; user input is concatenated directly into the prompt string.
  • Capability inventory: No subprocess, file system, or network operations were detected in the provided source code.
  • Sanitization: Absent; the code does not filter or escape the interpolated input.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 26, 2026, 03:18 PM