simulate
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill accepts user-provided input for the 'topic' and 'domain' arguments, which are interpolated into the context for persona agents. This creates a surface for indirect prompt injection where adversarial input could attempt to redirect the agent's behavior during the simulation. However, this interpolation is central to the skill's primary functionality.
  - Ingestion points: 'topic' and 'domain' arguments defined in SKILL.md.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the interpolation templates.
  - Capability inventory: The skill is permitted to use 'Write' for file system access and 'Skill' for executing other automated tasks.
  - Sanitization: No sanitization or validation of the input strings was detected before interpolation.
- [COMMAND_EXECUTION]: The skill uses tools like 'Read', 'Glob', 'Grep', and 'Write' to manage data within the local '.requirements/' directory. These operations are consistent with the stated purpose of saving and analyzing simulation results. No high-risk command execution or privilege escalation patterns were identified.