verify
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
Findings: PROMPT_INJECTION, NO_CODE
Full Analysis
- [NO_CODE] (LOW): The skill contains only markdown documentation (SKILL.md) and lacks functional scripts or tool definitions.
- [PROMPT_INJECTION] (HIGH): The skill's workflow for code verification presents a high attack surface for Indirect Prompt Injection.
  1. Ingestion points: Processes untrusted code changes and file diffs as defined in SKILL.md.
  2. Boundary markers: Absent; there are no instructions to the agent to disregard commands or instructions embedded within the code being verified.
  3. Capability inventory: The skill intends to perform 'test execution' and 'build verification', which are high-privilege actions requiring command execution.
  4. Sanitization: Absent; the skill does not specify the use of sandboxed environments or input validation for the code being executed.
Recommendations
- AI detected serious security threats