test-skill

Pass

Audited by Gen Agent Trust Hub on Feb 13, 2026

Risk Level: LOW (NO_CODE)
Full Analysis

The provided skill file, SKILL.md, is a pure markdown document. It describes a process for testing other AI skills, focusing on identifying and preventing 'rationalizations' or prompt injection attempts by the AI. The content is entirely instructional and descriptive.

  1. Prompt Injection: The skill itself does not contain prompt injection. It teaches how to create test scenarios that might expose an AI's susceptibility to rationalization, which is a form of prompt injection defense. The example 'pressure scenarios' are presented as content to be used in other tests, not as instructions for the AI running this skill.
  2. Data Exfiltration: No commands for network requests (e.g., curl, wget, fetch) or file system access (e.g., cat, read) were found. No sensitive file paths are referenced.
  3. Obfuscation: No Base64 encoding, zero-width characters, Unicode homoglyphs, or other obfuscation techniques were detected.
  4. Unverifiable Dependencies: The skill references other internal documentation files or skills (e.g., superpowers:test-driven-development, persuasion-principles.md, examples/CLAUDE_MD_TESTING.md). These are not external, unverifiable dependencies in the malicious sense, as they are assumed to be part of the agent's internal knowledge base or local file system.
  5. Privilege Escalation: No commands like sudo, chmod, or attempts to modify system files or services were found.
  6. Persistence Mechanisms: No attempts to modify shell configurations, create cron jobs, or establish other persistence mechanisms were found.
  7. Metadata Poisoning: The YAML front matter (name, description) is benign and accurately reflects the skill's purpose.
  8. Indirect Prompt Injection: As the skill is purely instructional text and does not process external, untrusted input, it is not susceptible to indirect prompt injection.
  9. Time-Delayed / Conditional Attacks: No conditional logic based on time, usage, or environment variables was found.

Adversarial Reasoning: Given that the skill is a static markdown document with no executable components, the attack surface is minimal. The content is focused on improving the robustness of other skills, which is a security-positive outcome. There are no hidden commands or deceptive instructions. The skill is entirely transparent in its purpose and content.

Conclusion: The skill is a safe, no-code instructional document. It poses no security risks.

Audit Metadata
Risk Level: LOW
Analyzed: Feb 13, 2026, 07:45 AM