special-chars-skill
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists exclusively of a markdown file (SKILL.md). It does not define any tools in the allowed-tools field and does not include any executable scripts or configuration files.
- [PROMPT_INJECTION] (LOW): The skill identifies $ARGUMENTS as an ingestion point for untrusted data. Evidence Chain: 1. Ingestion point: $ARGUMENTS in SKILL.md. 2. Boundary markers: None. 3. Capability inventory: Empty (allowed-tools is empty, no scripts provided). 4. Sanitization: Not implemented in the skill code. The severity is LOW (INFO tier) because the skill lacks any capabilities to execute commands, write files, or perform network operations, meaning the injection strings remain as literal text.
Audit Metadata