tldr
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted user-provided content through templates without implementing sanitization or boundary markers.
- Ingestion points: The source_content, key_points, and call_to_action fields defined in the template within SKILL.md.
- Boundary markers: Absent; there are no clear delimiters (e.g., XML tags) or instructions for the agent to ignore embedded commands within the source text.
- Capability inventory: None; the skill is a text-only prompt and cannot access the file system, network, or execute code.
- Sanitization: None; data is interpolated directly into the output template.
- No Code (SAFE): The skill consists entirely of natural language instructions and templates, with no scripts, binaries, or external software dependencies.
Audit Metadata