prompt-creation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE NO_CODE
Full Analysis
  • Prompt Injection (SAFE): While the skill contains instructional markers like 'IMPORTANT' and 'CRITICAL', these are explicitly presented as placeholders within templates for the agent to use when generating external prompts. They are not directed at the agent's own system instructions.
  • Indirect Prompt Injection (LOW): The skill provides templates that ingest untrusted content.
      1. Ingestion points: SKILL.md element 5 ([USER_PROVIDED_CONTENT]).
      2. Boundary markers: Present (XML tags like and delimiters like ###INSTRUCTIONS###).
      3. Capability inventory: Read and Write tools are requested in frontmatter.
      4. Sanitization: Absent.
    The risk is considered LOW because the skill's primary purpose is to provide structured delimiters which are a standard mitigation against this attack vector.
  • Data Exposure & Exfiltration (SAFE): No hardcoded credentials or sensitive file paths were detected. The skill does not perform network operations.
  • Remote Code Execution & Dependencies (SAFE): The skill consists entirely of Markdown text; no Python or Node.js packages are required or executed.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:47 PM