context-sync
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): The skill demonstrates susceptibility to Indirect Prompt Injection (Category 8) by design. It is instructed to ingest data from external project files that may be influenced by third parties. • Ingestion points: The skill reads package.json, requirements.txt, go.mod, and .csproj files (identified in SKILL.md). • Boundary markers: There are no defined delimiters or instructions to ignore embedded commands within the ingested content. • Capability inventory: The skill is limited to reading local files and proposing text updates; it does not contain code execution or network exfiltration capabilities. • Sanitization: No input validation or sanitization of the ingested manifest data is specified.
Audit Metadata