fusion-framework-feature-toggling
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to the ingestion of untrusted user data.
- Ingestion points: User-provided goals, descriptions, and code context are collected for processing as described in SKILL.md and assets/offline-prompt-template.md.
- Boundary markers: The instructions do not define explicit delimiters (such as XML tags or triple backticks) to isolate user-provided text from agent instructions when calling search tools.
- Capability inventory: The skill utilizes mcp_fusion_search_framework and mcp_fusion_search_docs to query external documentation based on user input.
- Sanitization: There is no evidence of validation or escaping for the user-provided code snippets before they are incorporated into the agent's context or tool queries.
Audit Metadata