axiom-using-axiom
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Category: PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill employs aggressive and imperative language to override agent autonomy and force specific behaviors. Evidence includes phrases such as 'ABSOLUTELY MUST,' 'not negotiable,' 'not optional,' and 'You cannot rationalize your way out of this.'
- [PROMPT_INJECTION]: The instructions explicitly command the agent to ignore its own internal reasoning by labeling logical evaluations (e.g., 'I can fix this SwiftUI bug quickly') as 'rationalizations' or 'Red Flags.'
- [PROMPT_INJECTION]: The skill defines a vulnerability surface for indirect prompt injection by using untrusted data to drive tool routing.
  - Ingestion points: File names within the working directory (e.g., .xcodeproj, .xcworkspace) and user-provided conversation strings.
  - Boundary markers: Absent.
  - Capability inventory: Invokes specialized external Axiom skills and tools.
  - Sanitization: Absent.
Audit Metadata