al
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses high-priority language ('Mandatory') to instruct the agent to 'not use your plan mode,' which is a directive to override default behavioral constraints.
- [PROMPT_INJECTION]: The skill establishes an indirect prompt injection surface by requiring the agent to ingest and follow instructions from an external file path ('../alignfirst/SKILL.md').
  - Ingestion points: Data is ingested from the external file '../alignfirst/SKILL.md'.
  - Boundary markers: No delimiters or safety instructions are present to isolate the external content.
  - Capability inventory: The skill delegates its primary operational logic to an externally defined protocol ('AAD protocol').
  - Sanitization: No validation or sanitization is performed on the referenced file content.
Audit Metadata