migration-guide-creator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (HIGH): The skill is highly vulnerable to Indirect Prompt Injection (Category 8) because it processes external technical documents and codebases. * Ingestion points: Technical documentation and API guides read via the Read and Grep tools. * Boundary markers: None identified in the skill instructions to separate untrusted document content from agent instructions. * Capability inventory: The Bash, Write, and Edit tools provide the ability to execute arbitrary code and modify the file system. * Sanitization: No input sanitization or validation mechanisms are present.
- [COMMAND_EXECUTION] (HIGH): The inclusion of the Bash tool allows for the execution of arbitrary system commands. In the context of an agent reading untrusted documentation, this is a critical risk factor.
- [NO_CODE] (INFO): No implementation scripts or executables were provided in the skill folder for review; only the SKILL.md metadata was analyzed.
Recommendations
- AI detected serious security threats
Audit Metadata