excellence
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and analyze external, untrusted document content, creating a surface for indirect prompt injection attacks.
- Ingestion points: Document content from files specified via the filename argument is read using the Read and Grep tools for multi-agent review (SKILL.md).
- Boundary markers: The skill's instructions do not define clear delimiters or use system-level instructions to mandate that agents ignore commands embedded within the reviewed files.
- Capability inventory: The skill has access to Read, Write, and Task tools, which allow it to interact with the workspace and execute sub-tasks based on the results of the document analysis (SKILL.md).
- Sanitization: There is no evidence of content sanitization or validation to filter out potential injection strings from the input files before they are processed by the agents.
Audit Metadata