advanced-elicitation
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements meta-cognitive reasoning methods through prompt templates that ingest external content, creating a surface for indirect prompt injection.
- Ingestion points: Multiple prompt templates in the SKILL.md file process the
{content}variable. - Boundary markers: Templates use triple-dash delimiters (
---) to separate content from instructions. - Capability inventory: The skill utilizes Read and Write tools and the
catcommand for memory state management. - Sanitization: No explicit sanitization or filtering of the
{content}variable is performed before interpolation. - [COMMAND_EXECUTION]: The skill includes a 'Memory Protocol' that uses the
catcommand to access local context files located in the.claude/context/memory/directory for session persistence.
Audit Metadata