agent-evaluation
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it facilitates the processing of potentially untrusted external content within a high-capability environment.
  - Ingestion points: As detailed in SKILL.md, the framework ingests agent responses, plan documents, and code review outputs for evaluation.
  - Boundary markers: The instructions lack explicit delimiters or specific 'ignore embedded instructions' warnings for the data being evaluated.
  - Capability inventory: The skill metadata defines access to powerful tools including Bash, Read, Write, Glob, and Grep.
  - Sanitization: There is no evidence of input validation, escaping, or filtering of the external content before it is processed by the evaluator agent.