careful

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFE

PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it instructs the agent to read and follow project-specific lessons from a local file (LESSONS.md) without validation.
    • Ingestion points: The skill reads external instructions from LESSONS.md in the project root as specified in SKILL.md and AGENTS.md.
    • Boundary markers: Absent. The instructions do not define delimiters or provide warnings to the agent to treat the content of LESSONS.md as untrusted data.
    • Capability inventory: The agent environment typically has shell execution capabilities (bash), as the skill is intended to monitor and execute potentially dangerous commands.
    • Sanitization: Absent. The skill directs the agent to 'apply those project-specific lessons alongside the rules', granting the external file authoritative influence over agent behavior.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 18, 2026, 12:54 PM