anti-cheat-systems
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill instructs the agent to fetch and reference external content from
https://raw.githubusercontent.com/gmh5225/awesome-game-security/refs/heads/main/README.md. This repository is not on the Trusted External Sources list. Fetching raw content from untrusted third-party sources to guide agent responses or provide tool recommendations is a security risk. - [PROMPT_INJECTION] (LOW): (Category 8: Indirect Prompt Injection) The skill establishes an ingestion point for untrusted external data without implementing safety controls.
- Ingestion points: The
Data Sourcesection inSKILL.mdtriggers a fetch of external Markdown content. - Boundary markers: Absent. The agent is not instructed to treat the fetched content as untrusted or to ignore embedded instructions.
- Capability inventory: The agent is expected to parse the external data to provide specific project lists, descriptions, and code implementations to the user.
- Sanitization: None. There is no logic provided to filter or escape the fetched content before it is processed by the LLM.
Audit Metadata