qwik-expert
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a vulnerability to indirect prompt injection due to its primary function of processing and reviewing untrusted code without adequate isolation or sanitization.\n
- Ingestion points: Untrusted data enters the agent's context through user-provided code files or snippets as defined in the
SKILL.mdcapabilities and thetargetparameter inschemas/input.schema.json.\n - Boundary markers: The skill does not define specific delimiters or include instructions to disregard embedded commands or instructions within the code it reviews.\n
- Capability inventory: The skill is configured with powerful system tools, including
Bash,Write,Edit,Read,Grep, andGlob, which could be exploited if an injection is successful.\n - Sanitization: There is no evidence of content validation or escaping of the ingested data before the agent processes it.
Audit Metadata