gray-transaction-systems
Fail
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
- [PROMPT_INJECTION]: The skill documents (SKILL.md, philosophy.md, and references.md) contain extensive sequences of zero-width Unicode characters (U+200B, U+200C, U+200D, U+2060) embedded within their main headers.
  - Evidence: In SKILL.md, the header '# Jim Gray Style Guide' is followed by approximately 200 hidden characters.
  - Technique: This is a form of obfuscation where data is encoded into characters that are invisible to human readers but present in the text processed by the AI model.
  - Risk: Such obfuscation is a primary vector for smuggling prompt injection attacks that bypass safety filters or override system instructions.
Recommendations
- AI detected serious security threats
Audit Metadata