rfc-check
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill creates an indirect prompt injection surface by instructing the agent to read and analyze untrusted external files.
- Ingestion points: Source code files and RFC documents accessed via Read, Grep, and Glob tools.
- Boundary markers: The skill lacks explicit markers or instructions to ignore embedded commands within the analyzed files.
- Capability inventory: The skill is restricted to Read, Grep, and Glob tools; it cannot write to the filesystem, execute arbitrary shell commands, or make network requests.
- Sanitization: No sanitization or validation is performed on the content of the files before they are processed by the agent.
- Impact: Maliciously crafted comments in the code could attempt to manipulate the agent's RFC verdict, but the lack of dangerous tools prevents this from resulting in exfiltration or system compromise.
Audit Metadata