unblock-action
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user-provided task descriptions which may contain embedded instructions, presenting a surface for indirect prompt injection. * Ingestion points: User-provided task input in the first step of the conversation. * Boundary markers: No delimiters or boundary markers are defined to separate user input from the system prompt. * Capability inventory: The skill is authorized to use the 'Read' tool, which could be exploited to read sensitive files if an injection is successful. * Sanitization: No input validation or filtering is performed on the user content.
- [NO_CODE]: The skill consists exclusively of markdown instructions and includes no executable scripts, binaries, or automated build steps.
Audit Metadata