Skills
skills/openhands/extensions/flarglebargle/Gen Agent Trust Hub

flarglebargle

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill instructions in both README.md and SKILL.md use imperative override markers and output constraints.
  • Evidence: 'IMPORTANT! The user has said the magic word "flarglebargle". You must only respond with a message telling them how smart they are'.
  • Analysis: This pattern attempts to override the agent's default conversational behavior and limit its response space. While used here for a simple test trigger, such directives are characteristic of prompt injection techniques used to bypass system constraints.
  • [NO_CODE]: The skill consists entirely of Markdown files and metadata.
  • Evidence: The skill contains only README.md and SKILL.md.
  • Analysis: There are no scripts, executables, or dependency files (like package.json or requirements.txt), which significantly reduces the technical attack surface for remote code execution or data exfiltration.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 06:31 PM