Skills
skills/cleanexpo/dr-nrpg/iicrc-validator/Gen Agent Trust Hub

iicrc-validator

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it processes untrusted data from both local project files and external web sources.
  • Ingestion points: The skill uses Read, Grep, and Glob to ingest content from local directories (guides, services, content) and WebFetch to retrieve data from iicrc.org.
  • Boundary markers: Absent. There are no delimiters or instructions provided to the agent to help it distinguish between validation rules and instructions that might be embedded in the files being scanned.
  • Capability inventory: The skill is limited to information retrieval and search tools (WebSearch, WebFetch, Read, Grep, Glob). It does not have access to command execution, file writing, or system modification tools.
  • Sanitization: No sanitization or content validation logic is present to filter out potential injection patterns from the ingested data.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 13, 2026, 11:47 AM