ship-learn-next
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill processes untrusted external content to create implementation plans. Evidence Chain: 1. Ingestion points: Step 1 (Read the Content) reads user-provided file paths for transcripts and articles. 2. Boundary markers: Absent; the skill lacks delimiters or explicit instructions to treat the file content as non-executable data. 3. Capability inventory: Access to 'Read' and 'Write' tools. 4. Sanitization: Absent; no validation or escaping of the ingested content is performed before processing.
Audit Metadata