document-consolidator
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- NO_CODE (SAFE): The skill consists entirely of Markdown files (README.md, SKILL.md, and reference guides). No executable scripts, binaries, or configuration files for package managers were detected.
- PROMPT_INJECTION (LOW): Indirect Prompt Injection Surface detected.
- Ingestion points: The skill specifically guides the agent to perform web searches based on identified information gaps in
SKILL.mdandreferences/web-enrichment.md. - Boundary markers: The instructions provide clear formatting for the output (e.g., using
**[보강]**and footnotes) but do not explicitly instruct the agent to ignore potentially malicious instructions embedded within the external content retrieved from the web. - Capability inventory: The skill itself has no custom code capabilities; however, it leverages the agent's native ability to read and summarize external data, which is the primary attack vector.
- Sanitization: There is no programmatic sanitization or filtering of external data; the skill relies on the agent's internal safety filters and a 'reliability checklist' provided in the documentation.
Audit Metadata