reactor-sub-agent

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests configuration data from the 'docs/specs/' directory (e.g., frame.yaml and reactor.yaml) to generate TypeScript and Go source code, which creates a vulnerability surface for indirect prompt injection.
      • Ingestion points: Specification files located in 'docs/specs/{feature-name}/'.
      • Boundary markers: No delimiters or protective instructions are specified to distinguish configuration data from potentially malicious instructions.
      • Capability inventory: The agent performs file reads and generates code output to the 'src/application/event-handlers/' directory.
      • Sanitization: There is no evidence of sanitization or validation logic to filter potentially malicious content from the specification files.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 06:42 AM