summary-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from lesson markdown files.
- Ingestion points: Workflow step 1 ('Read the target lesson file completely') and step 2 ('Extract the lesson's proficiency level from frontmatter').
- Boundary markers: Absent. The skill does not define delimiters or provide 'ignore embedded instructions' warnings when processing the lesson content.
- Capability inventory: The skill performs file system 'read' and 'write' operations to create the '.summary.md' files.
- Sanitization: Absent. There is no evidence of input validation or escaping for the content being summarized.
Audit Metadata