boring-remix
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it transforms untrusted user content (social posts, emails, blogs) into new versions.
- Ingestion points: User-provided content enters the agent context via the chat interface for transformation as described in SKILL.md.
- Boundary markers: No delimiters or 'ignore embedded instructions' warnings are present to isolate the user's content from the system's instructions.
- Capability inventory: The skill reads local markdown files including
world-code/voice.md,world-code/conversation.md, andreferences/boring-ref-content-themes-to-posts.md. No network operations, shell execution, or file write capabilities are present. - Sanitization: There is no evidence of input validation or sanitization to filter out malicious instructions from the content being remixed.
Audit Metadata