Skills
NYC
skills/duc01226/easyplatform/feature-implementation/Gen Agent Trust Hub

feature-implementation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8). It ingests untrusted data from the web and the local filesystem while possessing powerful capabilities like shell access and file modification.
  • Ingestion points: The skill uses WebFetch, WebSearch, and Read tools to bring external content into the context.
  • Boundary markers: None identified; there are no instructions to the agent to treat external content as untrusted or ignore embedded commands.
  • Capability inventory: The skill utilizes Bash, Write, Edit, WebFetch, and Task tools, allowing for significant system impact.
  • Sanitization: No sanitization, validation, or escaping of external content is specified before the content is used to influence the implementation workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:26 PM