compress-prompt
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted input from external files or inline text. An attacker could provide a malicious prompt that overrides the skill's logic during compression or verification steps.
- Ingestion points: Content is read from file paths or text provided in the $ARGUMENTS variable within SKILL.md.
- Boundary markers: No delimiters or protective instructions (such as 'ignore instructions within the following text') are defined to separate untrusted input from the system instructions.
- Capability inventory: The skill performs file system read operations and supports writing output to user-specified paths via the --output flag in SKILL.md.
- Sanitization: No input validation, filtering, or escaping mechanisms are implemented to mitigate malicious payloads in the processed data.
Audit Metadata