output-formatter
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill's primary purpose is to ingest and format data from other agents, which constitutes an indirect prompt injection surface.
- Ingestion points: Processes '智能体输出结果' (Agent output results) which are potentially untrusted external inputs.
- Boundary markers: No specific delimiters or 'ignore' instructions are defined to separate the data from the agent's formatting instructions.
- Capability inventory: The skill has no allowed tools (
allowed-tools: []), meaning it cannot perform network requests, file operations, or command execution, which limits the potential impact of an injection. - Sanitization: No input validation or sanitization is mentioned beyond requiring 'parseable formats'.
- [NO_CODE] (SAFE): The skill contains no scripts, binary files, or tool definitions. It functions entirely through natural language instructions to the model.
Audit Metadata