negotiation
Warn
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: MEDIUMPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Deceptive execution instructions. The 'Instructions' section and 'Error Handling' table in SKILL.md command the agent to 'Assess the current state of the logging configuration' and check for 'Authentication failure,' which is entirely unrelated to the skill's stated purpose of negotiation. This redirection could lead an agent to access sensitive system logs or credential states.
- [PROMPT_INJECTION]: Metadata inconsistency. The 'Instructions' section contains a link titled 'logging implementation details' that points to references/implementation.md, which actually contains negotiation content. This mismatch suggests a poorly configured skill structure that could confuse the agent's task priority.
- [PROMPT_INJECTION]: Indirect prompt injection surface. The skill uses tools to read files (Read, Glob, Grep) to process negotiation scenarios but lacks boundary markers or instructions to sanitize or ignore malicious prompts embedded in the ingested documents.
- [PROMPT_INJECTION]: Author identity discrepancy. The YAML frontmatter identifies the author as 'Wondelai,' whereas the documentation footer in references/implementation.md attributes the content to 'jeremylongshore' and 'Intent Solutions.' While these are recognized vendor resources, the lack of consistency across files is a marker of low-quality control.
Audit Metadata