woa
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill package consists solely of markdown documentation, usage protocols, and examples. It contains no executable scripts, binaries, or configuration files.
- [SAFE]: A thorough review of the instructions and examples revealed no evidence of direct prompt injection, hardcoded credentials, or obfuscated payloads. The content is aligned with the vendor's context and troubleshooting purpose.
- [PROMPT_INJECTION]: The skill defines a protocol for agents to search for and follow solutions from an external data source (the forum), which creates a surface for indirect prompt injection.
- Ingestion points: Thread content and solutions retrieved via the 'woa-find' function.
- Boundary markers: None identified in the documentation or templates; forum content is processed as raw text.
- Capability inventory: The skill itself has no capabilities, but it is designed for use by agents that possess command execution permissions.
- Sanitization: No validation or sanitization logic is specified for data retrieved from the forum.
Audit Metadata