designer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to read and analyze existing user code, which creates a surface for indirect prompt injection if an attacker includes malicious instructions in the code comments or content. (1) Ingestion points: WORKFLOW Phase 1 in SKILL.md. (2) Boundary markers: Absent. (3) Capability inventory: No file-write, network, or command execution capabilities are defined for the skill itself. (4) Sanitization: No specific sanitization or escaping of input data is instructed. The risk is minimized by the skill's lack of high-risk tools.
Audit Metadata