NYC

prompt-engineering

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [Prompt Injection] (SAFE): The skill includes a 'ComprehensiveInjectionDetector' using regex patterns to identify and block malicious instructions, functioning as a security control rather than a threat.
  • [Tool Call Validation] (SAFE): Implements 'ToolCallValidator' to enforce allowlists and parameter validation for tool usage, which is a best-practice mitigation against unauthorized action execution.
  • [Data Exposure & Exfiltration] (SAFE): Analysis of the Python snippets and documentation confirms no attempts to access sensitive files (e.g., SSH keys, credentials) or transmit data to external domains.
  • [Indirect Prompt Injection] (LOW): The skill provides patterns for safely processing external content.
    • Ingestion points: 'process_external_content' function in 'references/threat-model.md'.
    • Boundary markers: Explicit markers like '---UNTRUSTED CONTENT START---' are used to isolate external data.
    • Capability inventory: No active subprocess or network capabilities are defined in the scripts; they focus on prompt construction logic.
    • Sanitization: Incorporates defensive system instructions to ignore embedded commands within processed data.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:18 PM