complex-reasoning
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and analyze external data using tools like WebFetch and Read. The templates provided do not include explicit boundary markers or sanitization instructions, which could allow malicious instructions in external content to influence agent behavior. \n
- Ingestion points: The allowed-tools list includes WebFetch and Read, which bring external content into the context. \n
- Boundary markers: The provided reasoning templates lack delimiters or 'ignore' warnings for user-provided data. \n
- Capability inventory: The skill enables high-impact tools including Bash, Write, Edit, and Task. \n
- Sanitization: No sanitization or validation logic is specified in the templates. \n
- [No Code] (SAFE): The skill contains no executable scripts or logic, consisting entirely of Markdown templates and configuration.
Audit Metadata