talk-stage5-script
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by reading user-controlled markdown files and interpolating their content into a template for another AI.
- Ingestion points: Content is read from multiple files in the
talks/directory, including summary, concepts, and angles files. - Boundary markers: The skill does not use specific delimiters or instructions to prevent the AI from following instructions that might be embedded within the input talk files.
- Capability inventory: The skill utilizes
ReadandWritetools to process and save talk-related files. - Sanitization: There is no evidence of content validation or sanitization to ensure that input data does not contain malicious instructions.
Audit Metadata