argument-audit

Pass

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • Prompt Injection (LOW): This skill is vulnerable to indirect prompt injection (Category 8) because its core function is to process untrusted external data.
    • Ingestion points: The agent uses Read, Grep, and WebFetch to ingest paper content provided by the user or fetched from URLs.
    • Boundary markers: The instructions do not define explicit boundary markers or 'ignore' instructions for the content being audited.
    • Capability inventory: The skill utilizes Read, Grep, Glob, WebSearch, and WebFetch. This combination allows the agent to read local files (like ./docs/domain-model.md) and make external network requests.
    • Sanitization: There is no evidence of sanitization or filtering of the ingested content before processing.
  • External Downloads (SAFE): The WebFetch and WebSearch tools are used specifically for the primary purpose of retrieving academic papers for audit, which is consistent with the skill's stated goal.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 18, 2026, 10:39 AM