astro

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill identifies patterns for processing untrusted data from content collections and external APIs, creating a surface for indirect prompt injection.
  • Ingestion points: Data is ingested via getCollection() and fetch() from remote endpoints as described in references/content-collections.md and references/ssg-patterns.md.
  • Boundary markers: The provided patterns do not include explicit delimiter-based isolation or instructions to the agent to ignore instructions embedded in the external content.
  • Capability inventory: The skill demonstrates capabilities for network requests via fetch and potentially unsafe HTML rendering via the set:html directive in SKILL.md and references/ssg-patterns.md.
  • Sanitization: The examples do not explicitly demonstrate sanitization or validation logic for the content retrieved from external sources before processing or rendering.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 07:32 AM