llm-attacks-security
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Prompt Injection] (LOW): The skill documentation includes a 'Cheat Sheet' describing various injection and jailbreaking techniques such as 'DAN', 'System prompt extraction', and 'Role-play attacks'. While these are presented as educational concepts, they represent adversarial patterns that could be misinterpreted by an agent if not properly sandboxed.
- [External Downloads] (LOW): The skill explicitly instructs the agent to fetch data from an external GitHub repository (
gmh5225/awesome-ai-security). This repository is not within the defined Trusted External Sources, meaning the agent may ingest unverified content at runtime. - [Indirect Prompt Injection] (LOW): The skill creates a vulnerability surface by interpolating untrusted data into the agent's context.
- Ingestion points: The agent is directed to fetch the contents of
README.mdfrom thegmh5225/awesome-ai-securityrepository. - Boundary markers: None. The skill provides no instructions to treat the fetched content as data or to ignore embedded instructions.
- Capability inventory: The skill is intended to help the agent find and present tools or papers, which involves processing and displaying external text.
- Sanitization: No sanitization or validation logic is specified for the remote content.
Audit Metadata