fe-a11y
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is vulnerable to indirect prompt injection because it ingests and processes external content (source code files).
- Ingestion Point: The skill reads file content based on the $ARGUMENTS path.
- Boundary Markers: Absent. The instructions do not define clear delimiters for the code being analyzed, increasing the risk that instructions hidden in comments or strings could be misinterpreted as system commands.
- Capability Inventory: The skill performs file-read operations and generates analysis reports. It does not appear to have file-write or network-access capabilities based on the provided instructions.
- Sanitization: No sanitization or validation of the input file's content is described beyond accessibility checking rules.
Audit Metadata