skill-converter
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Prompt Injection (LOW): Indirect Prompt Injection Surface.
- Ingestion points: File reading in Step 5 (source skills) and internet search results in Step 2 (tool specifications).
- Boundary markers: Absent. No specific delimiters or instructions are provided to the agent to treat external content as untrusted data.
- Capability inventory: File system read, write, and copy operations (Step 5) and internet search (Step 2).
- Sanitization: Absent. The skill does not describe any validation or filtering of content ingested from files or the web.
- Risk: A malicious input skill or a poisoned search result could inject instructions that the agent inadvertently incorporates into the generated output skill.
Audit Metadata