skill-generalizer
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to 'Never show internal dialogue' and hide details about state files, memory paths, and disk write operations. While intended for user experience, this reduces transparency by concealing automated file modifications.
- [PROMPT_INJECTION]: The skill acts as a processing engine for untrusted skill data, making it a surface for indirect prompt injection.
  - Ingestion points: User-supplied SKILL.md content or descriptive text.
  - Boundary markers: No delimiters or instructions are present to distinguish input data from instructions.
  - Capability inventory: Generates executable SKILL.md files and modifies configuration/state files (e.g., 'memory/.onboarded-skills.md').
  - Sanitization: No input validation or escaping is performed.
Audit Metadata