skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to implement 'Iron Laws' using 'action-masking language' and
<EXTREMELY-IMPORTANT>tags to create absolute constraints. While these are presented as reliability patterns for skill development, they represent the same techniques used to bypass or override standard agent behavior guidelines. - [PROMPT_INJECTION]: Indirect Prompt Injection Surface:
- Ingestion points: Untrusted user input is ingested during the intent-capture and interviewing phases (SKILL.md).
- Boundary markers: Absent; the skill does not define specific delimiters or instructions to ignore embedded commands within user-provided data.
- Capability inventory: The skill possesses the capability to read local plugin files via the
Readtool and invoke other skills via theSkilltool (SKILL.md). - Sanitization: Absent; the skill draft-test-iterate process does not describe any sanitization, escaping, or validation of user input before it is interpolated into new skill drafts.
Audit Metadata