run-experiment

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface because it processes untrusted data from external sources.
  • Ingestion points: The workflow reads and analyzes production traces, conversation histories, and external datasets (referenced in SKILL.md, conversation-evaluation.md, and rag-evaluation.md).
  • Boundary markers: The instructions contain no explicit boundary markers around ingested data and no directive telling the agent to treat that data as data rather than as instructions, so nothing prevents the agent from obeying instructions embedded in the material it is asked to analyze.
  • Capability inventory: The skill is granted high-privilege tools (Bash, Write, and Edit) in addition to the orq* platform tools, which increases the impact of a successful injection: an embedded instruction could reach the filesystem or shell, not just the analysis output.
  • Sanitization: There is no evidence of sanitization or validation logic applied to the external data before it is placed in the agent's context.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 10, 2026, 07:38 AM