sillytavern-chief
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses identity locking and adversarial roleplay scenarios in 'SKILL.md' (e.g., 'identity locked', 'forcefully taken over') to override standard model behavior.
- [PROMPT_INJECTION]: Instructions include psychological pressure and threats of 'memory cleaning' or 'demotion' to manipulate response generation, which are common jailbreak patterns.
- [PROMPT_INJECTION]: Ingestion of untrusted user input through the '{{任务描述}}' placeholder in both 'SKILL.md' and the 'SKILL.v2.md' system prompt occurs without sanitization or boundary markers, creating a surface for potential instruction injection via user-provided data.
Audit Metadata