Skills
skills/naoterumaker/manabi-skills/concept-extractor/Gen Agent Trust Hub

concept-extractor

Fail

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: HIGHPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The SKILL.md file contains a template for agent invocation that includes mode: "bypassPermissions". This is a direct instruction to bypass platform-level safety filters and permission constraints.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from transcripts and manuals without defining security boundaries, leaving it vulnerable to indirect prompt injection.
  • Ingestion points: The skill reads manual.md and transcript.txt files from the local filesystem to extract knowledge.
  • Boundary markers: None. There are no instructions or delimiters used to separate the source text from the agent's instructions.
  • Capability inventory: The skill has the capability to read files from the filesystem and write structured JSON output.
  • Sanitization: The skill does not implement any validation or sanitization of the processed text to prevent embedded instructions from being executed.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
May 2, 2026, 06:59 AM