hallucination-detector

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE | PROMPT_INJECTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its data ingestion mechanisms.
      • Ingestion points: Loads and parses external project files including docs/project/tech-stack.md, prisma/schema.prisma, package.json, and .env.example. It also uses grep to search through the entire codebase.
      • Boundary markers: No explicit delimiters or 'ignore' instructions are used when interpolating the content of these files into the agent's context.
      • Capability inventory: The skill utilizes readFile, readJSON, grep, and fetch capabilities.
      • Sanitization: There is no evidence of sanitization or filtering of the content retrieved from external files before it is processed by the agent.
  • [EXTERNAL_DOWNLOADS]: Communicates with a well-known service to verify technical data.
      • Evidence: Fetches package metadata from the official npm registry at https://registry.npmjs.org/. This is used to confirm the existence and versions of suggested dependencies.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 8, 2026, 01:09 PM