s-work
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): The skill demonstrates a vulnerability surface for indirect prompt injection by design, as it instructs the agent to read and process external logs.
  * Ingestion points: addon.output tool referenced in SKILL.md.
  * Boundary markers: Absent; there are no instructions to the agent to treat output as untrusted or to use specific delimiters.
  * Capability inventory: Accesses addon.lint, addon.test, and env.status tools.
  * Sanitization: None mentioned; the agent assumes the output is a legitimate log of errors and tests.
- [External Downloads] (SAFE): Includes a link to documentation on GitHub (github.com/Falkicon/afd). This is used for reference and does not trigger automated downloads or execution of untrusted code.
- [Safe] (SAFE): All other security categories, including Credentials, Obfuscation, and Persistence, showed no suspicious patterns.
Audit Metadata