zod
Warn
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: MEDIUMPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill contains high-priority directives (marked as 'CRITICAL') in SKILL.md that command the agent to override its knowledge of the actual Zod library (Version 3) in favor of a non-existent Version 4.
- [METADATA_POISONING]: The skill's metadata and body content are deceptive, claiming to support a 'Zod 4' stable release which is currently non-existent. It also references a non-existent migration tool repository on GitHub (nicoespeon/zod-v3-to-v4) as a resource.
- [NO_CODE]: The skill is composed entirely of informational markdown files and does not include any scripts, binaries, or automated tasks that execute code.
Audit Metadata