tldr-prompt
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection due to its core functionality of processing external data.
- Ingestion points: Processes local workspace files (e.g., .prompt.md, .agent.md) and content fetched from external URLs provided by the user or resolved from established repositories like GitHub's awesome-copilot.
- Boundary markers: The prompt lacks explicit delimiters or instructions to treat fetched content as data only, potentially allowing instructions embedded in source documents to influence the agent.
- Capability inventory: Uses workspace file reading tools and network fetch capabilities to retrieve documentation.
- Sanitization: There is no evidence of sanitization or filtering of the fetched content before it is processed for summarization.
Audit Metadata