compliance-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified.
- Ingestion points: The skill ingests untrusted data by reading files from the
codebase_pathduring compliance scans (SKILL.md). - Boundary markers: No delimiters or 'ignore' instructions are provided to distinguish file content from the agent's operational logic.
- Capability inventory: The skill definition allows the use of powerful tools including
Bash,Write,Edit, andRead(SKILL.md). - Sanitization: There is no evidence of sanitization or escaping of file content before it is processed by the agent.
Audit Metadata