binary-lifting
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8) because it instructs the agent to ingest data from an external, untrusted source.
- Ingestion points: SKILL.md contains an instruction to "fetch the latest data" from an external URL (https://raw.githubusercontent.com/gmh5225/awesome-llvm-security/refs/heads/main/README.md).
- Boundary markers: Absent. There are no instructions to ignore embedded commands or treat the fetched content as strictly data.
- Capability inventory: The skill context involves binary analysis and reverse engineering tools; if an agent using this skill has access to command execution or file-writing tools, the risk from malicious external content is increased.
- Sanitization: Absent. No logic is provided to validate or sanitize the remote content before processing.
- EXTERNAL_DOWNLOADS (LOW): The skill references and encourages fetching content from raw.githubusercontent.com/gmh5225/awesome-llvm-security. This source is not on the [TRUST-SCOPE-RULE] whitelist for trusted organizations or repositories.
Audit Metadata