improve-agent-readiness
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes content from external files (an 'agent readiness report' and 'references/criteria.md') to determine and execute repository modifications.
- Ingestion points: The skill reads external report files and criteria definitions to identify gaps and propose fixes (referenced in README.md and SKILL.md Steps 1 and 2).
- Boundary markers: The instructions do not define clear delimiters or negative constraints to ensure the agent ignores instructions embedded within the report data.
- Capability inventory: The skill possesses significant capabilities, including the ability to write multiple files across the repository (e.g., AGENTS.md, configuration files) and create git commits (SKILL.md Step 3).
- Sanitization: There is no evidence of sanitization or structural validation performed on the external report content before it influences the agent's implementation logic.
Audit Metadata