panic-room-finder

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE [PROMPT_INJECTION] [NO_CODE]
Full Analysis
  • [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection via the processing of untrusted external data.
      • Ingestion points: The 'Discovery Framework' in SKILL.md instructs the agent to gather and analyze external documents such as blueprints, building permits, and insurance records, likely using the WebFetch or Read tools.
      • Boundary markers: No delimiters or safety instructions are provided to help the agent distinguish between legitimate document content and potential malicious instructions embedded in those documents.
      • Capability inventory: The skill is granted high-privilege tools including Bash, WebFetch, Write, and Edit, which could be exploited if the agent is successfully injected.
      • Sanitization: The skill lacks any mechanism for sanitizing or validating the content of the external house records before analysis.
  • [NO_CODE]: No executable scripts are provided within the skill package; the functionality is delivered entirely through Markdown-based instructions and templates.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 5, 2026, 08:48 PM