recommend-evolution
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the 'evidence' and 'summary' input fields.
  * Ingestion points: The skill accepts 'evidence' and 'summary' strings from tool arguments in 'scripts/main.cjs'.
  * Boundary markers: No delimiters or protective instructions are used when interpolating these strings into the markdown report block defined in 'SKILL.md'.
  * Capability inventory: The skill utilizes 'Read', 'Write', 'Edit', and 'Skill' tools as documented in its capability list and instructions.
  * Sanitization: Input is trimmed but not filtered for markdown injection or instructional override patterns.
Audit Metadata