embedded-systems
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- Metadata Poisoning (LOW): The description field contains a trailing instruction 'Use when ", " mentioned.' which acts as a non-standard activation trigger. This could lead to unintended skill invocation or bypass standard intent recognition.
- Indirect Prompt Injection (LOW): The skill is designed to process untrusted user input for validation against local reference files (references/validations.md). 1. Ingestion points: User inputs are directly compared against internal validation rules. 2. Boundary markers: The prompt lacks delimiters to separate user input from system instructions. 3. Capability inventory: The skill is limited to response generation and lacks dangerous capabilities like network access or command execution. 4. Sanitization: No input validation or sanitization logic is present to prevent malicious user input from influencing the grounding process.
Audit Metadata