Skills
skills/mumerrazzaq/claude-code-skills-lab/upwork-proposal/Gen Agent Trust Hub

upwork-proposal

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it instructs the agent to search for and prioritize 'hidden instructions' or 'test words' embedded in external job descriptions.
  • Ingestion points: The job_description input variable in SKILL.md is the ingestion point for untrusted external data.
  • Boundary markers: Boundary markers are absent; the skill explicitly tells the agent to 'follow them FIRST' when such instructions are detected, rather than isolating or ignoring them.
  • Capability inventory: The agent's capabilities include generating customized text proposals. While it lacks direct code execution, an attacker could use injected instructions to manipulate the tone, content, or contact information in the resulting proposal.
  • Sanitization: No sanitization or filtering is applied to the job description input before it is processed by the AI agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 12:35 AM