rate-limiting
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill designates several reference files (references/patterns.md, references/sharp_edges.md, references/validations.md) as authoritative sources. This ingestion surface is vulnerable to indirect prompt injection. 1. Ingestion points: The files listed in the 'Reference System Usage' section. 2. Boundary markers: Absent; the agent is instructed to treat these files as the source of truth without using delimiters or sanitization. 3. Capability inventory: No command execution, network access, or file-writing capabilities were found in the provided file. 4. Sanitization: No logic is present to filter or escape instructions that might be embedded in the reference content.
- Prompt Injection (LOW): The skill uses strong anchoring language such as 'Ignore generic approaches' and 'politely correct them'. While intended for grounding, these instructions demonstrate the skill's attempt to override general agent behavior in favor of specific provided content.
Audit Metadata