ai-wrapper-product
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill provides code patterns and templates that directly interpolate untrusted user data into LLM prompts without using boundary markers or sanitization logic in the examples.
- Ingestion points: File 'sub-skills/basic-implementation.md' (userInput) and 'sub-skills/prompt-template-pattern.md' (input.purpose, input.recipient, input.tone, input.points, input.length).
- Boundary markers: Absent in all provided implementation code snippets.
- Capability inventory: Provides logic for interacting with external LLM APIs via the Anthropic SDK.
- Sanitization: While 'sub-skills/the-wrapper-stack.md' conceptually mentions sanitization as a step, no actual sanitization or escaping logic is included in the implementation examples, potentially leading users to adopt insecure patterns.