migrate
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, NO_CODE
Full Analysis
- [Prompt Injection] (LOW): The skill is vulnerable to indirect prompt injection (Category 8) because user-supplied strings are interpolated directly into prompts for sub-agents.
  - Ingestion points: User input for '[TARGET]', '[FROM]', and '[TO]' in SKILL.md.
  - Boundary markers: Absent from all sub-agent task templates.
  - Capability inventory: The 'kraken' sub-agent is instructed to perform file-write operations (code implementation) and command execution (running tests).
  - Sanitization: No escaping or validation of user input is specified.
- [Command Execution] (SAFE): The 'kraken' agent's role involves running tests and implementing code. While these are high-privilege capabilities, they are the stated primary purpose of the migration workflow and are described as instructions rather than provided as autonomous scripts.
- [No Code] (SAFE): No executable files, scripts (.py, .js, .sh), or binary dependencies are included with this skill. It functions as a set of logical instructions for an AI agent.