feynman-first-principles

Fail

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
  • [PROMPT_INJECTION]: The main H1 header contains a significant volume of hidden zero-width characters (U+200B, U+200C, U+200D, U+2060). This form of obfuscation is used to hide content that is processed by the AI but remains invisible to the human reader.
  • Evidence: Found in header "# Richard Feynman Style Guide", followed by 200+ non-printing characters.
  • [PROMPT_INJECTION]: The skill exhibits surface area for indirect prompt injection as it encourages users to provide external code and problems for debugging without specifying boundary markers or sanitization procedures for the processed content.
  • Ingestion points: System design and debugging tasks (SKILL.md).
  • Boundary markers: Absent; no instructions to ignore embedded commands in user-provided data.
  • Capability inventory: Execution of Python code snippets provided in the skill body for local debugging.
  • Sanitization: None; the skill relies on the agent to interpret raw input using the Feynman technique.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 15, 2026, 07:01 PM