ai-llm-skills-guide
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill directs the agent to fetch a remote README.md file from 'https://raw.githubusercontent.com/gmh5225/awesome-skills/refs/heads/main/README.md'. This repository is not on the list of trusted external sources.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection by design because it processes untrusted remote data. 1. Ingestion points: Remote README.md file from the gmh5225/awesome-skills repository. 2. Boundary markers: No delimiters or ignore instructions are provided to the agent to distinguish the fetched content from system instructions. 3. Capability inventory: The skill utilizes network fetching capabilities to retrieve information. 4. Sanitization: No evidence of sanitization or validation for the fetched content.
Audit Metadata