static-analysis
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill directs the agent to fetch a README file from 'https://raw.githubusercontent.com/gmh5225/awesome-llvm-security/refs/heads/main/README.md'. This source is not within the defined trusted list of repositories or organizations, making the content unverified.
- PROMPT_INJECTION (MEDIUM): The skill is vulnerable to Indirect Prompt Injection (Category 8) due to the untrusted external fetch instruction.
- Ingestion points: The agent is explicitly told to fetch the 'latest data' from an external third-party GitHub URL in the 'Getting Detailed Information' section.
- Boundary markers: Absent. There are no instructions provided to treat the fetched content as untrusted or to ignore any embedded directives within that external file.
- Capability inventory: As a static analysis skill, the environment likely includes code execution (LLVM tools, compilers) and file system access, which could be leveraged if the fetched content contains malicious instructions.
- Sanitization: None. The skill assumes the remote content is safe and curated.
Audit Metadata