verification-before-completion
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Prompt Injection] (SAFE): The skill uses strong imperative language such as "The Iron Law" and "Non-negotiable" to enforce procedural integrity; these are instructional constraints rather than attempts to bypass safety filters.
- [Indirect Prompt Injection] (LOW): The skill requires the agent to read and evaluate external data from test and linter outputs, creating a vulnerability surface where malicious code comments or test failures could influence behavior.
- Ingestion points: Test command outputs, linter logs, and build status messages (SKILL.md).
- Boundary markers: Absent; the skill does not define delimiters to separate tool output from instructions.
- Capability inventory: Implied command execution for verification (subprocess calls).
- Sanitization: No sanitization or validation logic is defined for the ingested outputs.
- [No Code] (SAFE): The skill consists entirely of documentation and markdown instructions with no associated executable scripts, packages, or binary files.
Audit Metadata