instructor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The examples in 'references/examples.md' demonstrate vulnerable patterns where untrusted external data is interpolated into prompts.
- Ingestion points: Found in 'references/examples.md' where a 'text' variable is passed to the model (e.g., f'Extract: {text}').
- Boundary markers: Absent; there are no delimiters like XML tags or triple quotes to isolate the untrusted content.
- Capability inventory: The examples show the ability to perform data extraction, sentiment analysis, and multi-entity extraction.
- Sanitization: No sanitization or 'ignore embedded instructions' warnings are present.
- Credentials Safety (SAFE): 'references/providers.md' uses safe placeholders like 'your-api-key' for configuration examples.
- External Dependencies (SAFE): The skill references reputable libraries including instructor, anthropic, and openai.
Audit Metadata