dma-attack-techniques
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches comprehensive research data from the author's GitHub repository at https://raw.githubusercontent.com/gmh5225/awesome-game-security/refs/heads/main/README.md. This is documented as a vendor-owned resource used to provide curated links and tool descriptions.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its reliance on external data sources.
- Ingestion points: Untrusted data is ingested from the author's remote README file as specified in the Data Source section of SKILL.md.
- Boundary markers: No delimiters or instructions to ignore instructions within the fetched data are present.
- Capability inventory: The skill provides usage examples for external tools like pcileech but does not contain internal scripts with subprocess, network, or file system capabilities.
- Sanitization: There is no evidence of filtering or validation applied to the content retrieved from the external URL.
Audit Metadata