Skills
skills/jh941213/my-claude-code-asset/eval/Gen Agent Trust Hub

eval

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill establishes an indirect prompt injection surface because it directs a sub-agent to ingest and evaluate the 'current project' files, which may contain malicious instructions embedded in comments or strings.\n
  • Ingestion points: The Evaluator sub-agent is instructed to read the current project directory to perform its 4-axis assessment (SKILL.md).\n
  • Boundary markers: Absent. The instructions to the sub-agent do not include delimiters or specific warnings to ignore instructions found within the project files.\n
  • Capability inventory: The skill utilizes tools including Bash, Read, Grep, and Glob, which provide significant environment access if the sub-agent's logic is subverted.\n
  • Sanitization: No content filtering or validation is performed on the project files before they are read by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 27, 2026, 01:45 AM