culinary-assistant
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): Susceptibility to indirect prompt injection through the processing of untrusted recipe feedback.
- Ingestion points:
SKILL.mdinstructs the agent to analyze and incorporate 'reader comments or feedback' into improved recipe outputs. - Boundary markers: Absent. The skill lacks instructions to delineate comments from agent directives or to ignore malicious commands embedded in that text.
- Capability inventory: The skill allows the agent to write files in
.melarecipeand.jsonformats to the local Downloads folder, creating a path for an attacker to manipulate file contents via comments. - Sanitization: Absent. There is no specific requirement to sanitize or filter the content of the comments before processing.
Audit Metadata