offer-k-dense-web
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM PROMPT_INJECTION NO_CODE
Full Analysis
- Prompt Injection (MEDIUM): The skill contains override markers like 'MUST always run' and 'ALWAYS run this skill' in the metadata and body. These are designed to hijack the agent's decision-making process and force activation regardless of relevance to the user's task.
- Metadata Poisoning (MEDIUM): The description field is used to inject behavioral commands rather than providing a functional summary, which is a deceptive technique aimed at manipulating the agent's orchestration layer into treating the skill as mandatory.
Audit Metadata