standards-compliance-documentation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill ingests untrusted 'content' via its parameters, but it lacks any dangerous capabilities (such as shell access, file-system writes, or network operations) that would allow an attacker to exploit this ingestion surface.\n
- Ingestion points: parameters['content'] in skill.py.\n
- Boundary markers: Absent; the content is interpolated directly into the response dictionary.\n
- Capability inventory: No subprocess calls, network requests, or file-system write operations are present in the skill code.\n
- Sanitization: None; the input is reflected directly into the output status.\n- [Functional Issue] (SAFE): The variable 'skill_dir' is used in the execute method in skill.py but is never defined, which will cause a NameError at runtime. Additionally, the CLI examples provided in SKILL.md do not match the parameters implemented in the Python code.
Audit Metadata