day1-onboarding
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill implements a 'STOP PROTOCOL' using high-authority instructional language such as '절대 위반 금지' (must not violate) and '최우선 규칙' (highest priority rule). This is used for user experience flow control to prevent the agent from skipping educational steps, rather than bypassing safety filters.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its documentation retrieval process.
  - Ingestion points: External documentation fetched via curl and local markdown files in the references/ directory.
  - Boundary markers: No specific delimiters or 'ignore instructions' warnings are defined for the fetched external content.
  - Capability inventory: Access to curl, file system read tools, and user interaction via AskUserQuestion.
  - Sanitization: No explicit sanitization or validation of the fetched external documentation is performed before processing.
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to use curl to fetch official documentation from external URLs. This is documented as a functional requirement to provide accurate information and avoid the loss of detail associated with LLM summarization of web content.
Audit Metadata