martin-heidegger
Fail
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: CRITICALEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill contains references to a blacklisted and potentially malicious URL within its source discovery metadata.
- Evidence: Found in
_workspace/discovery/frameworks.jsonand_workspace/discovery/interviews.json. - URL:
https://altair.pw/pub/lib/Martin%20Heidegger%20-%20Being%20and%20Time%20(translated%20by%20Macquarrie%20&%20Robinson).pdf. - Risk: The domain
altair.pwhas been flagged as malicious by automated scanners. The inclusion of links to untrusted and blacklisted domains in the skill's internal knowledge base poses a risk if the agent or user attempts to access these resources. - [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection due to its primary purpose of interpretive analysis on untrusted input.
- Ingestion points: The skill is explicitly triggered by and processes user-provided discussions about technology, mortality, and data-driven worldviews (
SKILL.md). - Boundary markers: Absent. There are no instructions to use delimiters or ignore instructions embedded in the user-provided text.
- Capability inventory: Low risk. While the agent interprets input, the skill itself does not provide the agent with dangerous capabilities like subprocess execution, file system writes, or active network operations.
- Sanitization: Absent. The skill instructions do not require the agent to filter or sanitize external content before applying Heideggerian frameworks.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata