ctf-pwn
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of analyzing untrusted binary data.
- Ingestion points: The agent ingests data from external binaries via analysis tools such as
get-decompilation,get-symbols, andsearch-strings-regex(as seen inSKILL.md). - Boundary markers: There are no explicit instructions to use delimiters or ignore instructions embedded within the strings or metadata of the binaries being analyzed.
- Capability inventory: The agent can modify the analysis database using
rename-variables,set-comment, andset-bookmarktool calls. - Sanitization: The skill does not define validation or sanitization procedures for data extracted from binaries before it is processed by the agent.
Audit Metadata