random-encounter
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and process external data that could contain malicious instructions.
- Ingestion points: User-provided arguments (
$ARGUMENTS) and various files within theWorlds/directory (Creatures, Characters, Locations). - Boundary markers: Absent; the instructions do not define clear delimiters or instruct the agent to ignore embedded commands in the processed data.
- Capability inventory: The skill possesses file read capabilities (scanning world directories) and file write capabilities (saving generated encounters to the filesystem).
- Sanitization: Absent; there is no explicit instruction to sanitize the
[World Name]or[Location]arguments, which are used to compute file paths, potentially allowing for path traversal if the agent doesn't apply its own underlying safety filters.
Audit Metadata