file-uploads
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (PROMPT_INJECTION, NO_CODE)
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill establishes a workflow for ingesting and analyzing untrusted external content (user-provided file uploads) to perform high-capability tasks like code creation and system diagnosis.
- Ingestion points: Processes external file uploads, cloud storage objects (S3/R2), and multipart data as described in the metadata and instructions.
- Boundary markers: The instructions do not define delimiters (e.g., XML tags or clear separators) to prevent the agent from following instructions embedded within the uploaded content.
- Capability inventory: The agent is empowered to create code patterns, diagnose system failures, and perform architectural reviews based on this data.
- Sanitization: No explicit sanitization or instruction-filtering logic is provided; the skill relies solely on the agent's 'personality' to maintain security, which is insufficient against adversarial input.
- No Code (SAFE): The provided skill content consists exclusively of markdown instructions and metadata. No executable scripts, binaries, or configuration files were found for analysis.