llm-application-dev

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: LOW | NO_CODE
Full Analysis
  • SAFE (SAFE): No security issues identified. The skill is composed of markdown text and non-executable code snippets.
  • Indirect Prompt Injection (INFO): The templates demonstrate processing untrusted data via prompt interpolation. This is an inherent surface for indirect prompt injection that requires external mitigation logic.
      • Ingestion points: Data interpolation points {context}, {question}, and ${customerFeedback} in prompt templates in SKILL.md.
      • Boundary markers: Simple textual headers (e.g., 'CONTEXT:', 'RULES:') are used to delimit sections.
      • Capability inventory: The code snippets demonstrate capabilities for LLM API interaction (OpenAI, Anthropic) and database operations (Supabase).
      • Sanitization: No sanitization or input validation is present in the provided examples.
Audit Metadata
  • Risk Level: LOW
  • Analyzed: Feb 17, 2026, 12:25 AM