regex-vs-llm-structured-text

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE | Finding: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection within its validation logic.
  • Ingestion points: The validate_with_llm function in SKILL.md accepts original_text, which is untrusted data from a document being processed.
  • Boundary markers: The prompt template uses simple text headers ("Text: {original_text}") rather than secure delimiters or explicit instructions to the LLM to ignore instructions found within the data.
  • Capability inventory: While the provided code only returns structured data, an agent using this skill to parse instructions or data for subsequent tools could be manipulated if the LLM's output is poisoned by the input text.
  • Sanitization: There is no evidence of sanitization, escaping, or structural validation of the input text before it is interpolated into the LLM prompt.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 4, 2026, 03:45 PM