ecosystem-integration-test
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [NO_CODE] (INFO): The skill consists of a YAML/Markdown definition and a Node.js configuration file. No executable logic (JavaScript, Python, or shell scripts) was included in the provided file set.
- [Indirect Prompt Injection] (MEDIUM): Although no code is present, the skill's stated purpose involves processing data from other skills, which constitutes a vulnerability surface.
- Ingestion points: The skill is designed to consume JSON/Markdown outputs from other skills located in the directory provided via the
dirargument. - Boundary markers: None are specified in the metadata to delimit untrusted input from instructions.
- Capability inventory: The skill definition includes an
outargument, suggesting the capability to write results to the file system. - Sanitization: No sanitization or validation logic is mentioned in the metadata.
Audit Metadata