weak-signal-synthesizer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and synthesize data from untrusted external sources (Reddit, GitHub, academic papers). * Ingestion points: External web content from niche communities and public repositories defined in SKILL.md. * Boundary markers: Absent; the instructions do not specify how to distinguish between data and instructions. * Capability inventory: None; the skill is 'No Code' and does not define tools for execution or file writing. * Sanitization: Absent; no instructions are provided to filter or sanitize external content.
- [No Code] (SAFE): The skill contains only natural language instructions and no executable scripts, reducing the risk of direct technical compromise.
Audit Metadata