ask-conceptual-integrity-sentinel
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill's primary function of analyzing external source code creates an attack surface for indirect prompt injection. Malicious instructions placed in code comments or strings could influence the agent's behavior during the audit process or corrupt the final output.
- Ingestion points: Source files (.js, .ts, etc.) are read by 'scripts/bloat_scanner.js' and during the 'Reconnaissance' workflow described in 'SKILL.md'.
- Boundary markers: Absent. The agent is not provided with delimiters or instructions to treat ingested file content as untrusted data.
- Capability inventory: The agent is capable of writing to the local filesystem by generating the 'SENTINEL_REPORT.md' file as defined in 'SKILL.md'.
- Sanitization: Absent. No filtering or sanitization of the file content is performed before it is processed by the agent.
Audit Metadata