skill-gate
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted user input to categorize tasks and determine skill relevance. While it lacks sanitization, the impact is limited by the restricted toolset.
- Ingestion points: User-provided task description in Step 1.
- Boundary markers: None present to isolate user input from the skill instructions.
- Capability inventory: Access to
ls,cat, andreadtools (read-only operations). - Sanitization: No validation, escaping, or filtering of user content is performed.
Audit Metadata