atelier-oracle-challenge
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-provided data through the `$ARGUMENTS` variable without using boundary markers or protective instructions.
  - Ingestion points: The `$ARGUMENTS` variable in `SKILL.md` acts as an entry point for untrusted data provided during the `/atelier-challenge` command invocation.
  - Boundary markers: The skill fails to use delimiters (such as XML tags or triple quotes) to separate the untrusted input from the system instructions.
  - Capability inventory: The skill leverages the `mcp__sequential-thinking__sequentialthinking` tool to perform multi-step analysis based on the input.
  - Sanitization: There is no evidence of input validation or instructions telling the agent to ignore any commands that might be embedded within the `$ARGUMENTS` string.
Audit Metadata