fp-audit
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill incorporates a placeholder for user arguments ($ARGUMENTS) which are treated as additional instructions. This represents a direct injection surface where a user could provide instructions that attempt to override the skill logic or bypass agent safety constraints.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes external data from the local project environment without explicit boundary markers. * Ingestion points: Documentation files (e.g., E2E_TESTS.md) and source code (test files). * Boundary markers: Absent; the agent is not instructed to treat the file content as data rather than instructions. * Capability inventory: Search and read operations on local files. * Sanitization: No sanitization or validation of the file content is performed before processing.
- [NO_CODE]: The skill consists exclusively of markdown instructions and does not include any accompanying scripts or binary executables.
Audit Metadata