resonance-conversion
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it is designed to audit external content which could contain hidden malicious instructions.\n
- Ingestion points: The skill uses the
read_filetool to ingest landing page data and conversion flows for audits as specified in the standard workflow in SKILL.md.\n - Boundary markers: No explicit boundary markers or instructions to ignore embedded instructions within processed data are present in the reference protocols.\n
- Capability inventory: The skill is configured with
run_command,write_file, andedit_filetools, providing an execution path for instructions discovered in audited content.\n - Sanitization: There is no evidence of sanitization or validation of audited content before it is processed by the agent.\n- [COMMAND_EXECUTION]: The skill configuration in SKILL.md explicitly enables the
run_commandtool. While no malicious command strings are hardcoded within the skill's own files, this capability represents a significant risk if manipulated via indirect prompt injection.\n- [NO_CODE]: The skill consists entirely of markdown-based instructional files and protocols. No executable scripts (Python, JavaScript, etc.) are included in the skill package, which reduces the risk of direct malicious code execution from the skill itself.
Audit Metadata