agents-reminder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill directs the agent to read and follow instructions from an external file, AGENTS.md. This creates a vulnerability where malicious instructions placed in that file could override agent behavior.
  - Ingestion points: AGENTS.md file located in the repository root.
  - Boundary markers: Absent. The skill provides no delimiters or instructions to treat the file content as untrusted data rather than authoritative rules.
  - Capability inventory: The skill facilitates reading local repository files and explicitly directs the agent to "refresh constraints and required behaviors" based on the content.
  - Sanitization: Absent. No validation or filtering of the file content is performed before the agent incorporates it into its context.
- [Prompt Injection] (LOW): The instruction to "re-answer the previous question" after reading new rules is a behavior-modifying instruction that could be leveraged to bypass previously established safety constraints if the target file contains malicious overrides.
Audit Metadata