robert-langer
Warn
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: MEDIUM (PROMPT_INJECTION, NO_CODE)
Full Analysis
- [PROMPT_INJECTION]: Hidden Unicode characters (such as U+2028 Line Separators) were detected within the reference corpus (_workspace/raw/src_021.json). These characters are often used for steganographic prompt injection to hide instructions from human oversight while remaining interpretable by an AI model.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection vulnerability because it ingests raw, unsanitized text from various external web sources into the agent's context. Boundary markers are absent, and the agent lacks explicit instructions to treat reference materials as untrusted content or to ignore embedded directives.
- [NO_CODE]: The skill package consists entirely of instructions and structured data files. No executable scripts, system commands, or dependency manifests were found, which minimizes the attack surface for traditional code-based exploits.