backprop
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to ingest and analyze untrusted external data (bug reports, failure outputs) to modify code and specifications. This creates a surface for indirect prompt injection where malicious instructions in a report could influence agent actions.\n
- Ingestion points: The agent reads 'failure output / bug report' and 'user reports' (SKILL.md).\n
- Boundary markers: No delimiters or boundary markers are specified to isolate external content.\n
- Capability inventory: The agent is guided to 'Fix code', 'Generate test', and 'Commit spec edit + test + code fix'.\n
- Sanitization: No sanitization of ingested content is mentioned.\n- [NO_CODE]: The skill consists exclusively of markdown instructions and documentation with no executable code or scripts.
Audit Metadata