Skills
skills/fortunto2/solo-factory/solo-knowledge/Gen Agent Trust Hub

solo-knowledge

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill retrieves and processes untrusted data from an external source (rustman.org) and incorporates it into the agent's context to synthesize answers. This creates a surface where malicious instructions embedded in the external wiki content could influence agent behavior.
  • Ingestion points: Fetches index from https://rustman.org/llms.txt and content from https://rustman.org/wiki/{slug} using WebFetch.
  • Boundary markers: Absent. The instructions do not define delimiters or provide warnings to the agent to ignore instructions found within the fetched content.
  • Capability inventory: Uses WebFetch for networking and Read, Grep, and Glob for local filesystem access within the repository.
  • Sanitization: Absent. There is no evidence of filtering or escaping logic applied to the external content before prompt interpolation.
  • [EXTERNAL_DOWNLOADS]: The skill is configured to fetch remote content from rustman.org. This domain is identified as a vendor-owned resource belonging to the author 'fortunto2'. The operations are limited to fetching text-based documentation and do not involve the installation of unverified packages or the execution of remote scripts.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 02:54 PM