visualize
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the $ARGUMENTS parameter.
- Ingestion points: User-provided description in SKILL.md.
- Boundary markers: The prompt lacks delimiters to isolate user input from instructions.
- Capability inventory: Authorization of tools like Read, Write, Glob, and Grep increases the potential impact of successful injection.
- Sanitization: No input sanitization or explicit 'ignore instructions' directives are present.
Audit Metadata