analyze-prompt
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from external files specified by the user in Step 2, where it reads the entire content of a file.
- [PROMPT_INJECTION]: The skill lacks boundary markers or explicit instructions to ignore embedded commands when processing external content, creating a surface for indirect prompt injection where instructions in the analyzed file could hijack the agent.
- [PROMPT_INJECTION]: Mandatory evidence for indirect injection surface: 1. Ingestion: File read at $1 via Read tool. 2. Boundary markers: Absent. 3. Capability inventory: Read, Glob, Grep, and Skill tools. 4. Sanitization: Absent.
Audit Metadata