agent-prompt-validator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [Prompt Injection] (SAFE): No instructions found that attempt to bypass safety filters, extract system prompts, or override agent behaviors. The guidelines emphasize clarity and objective-driven behavior.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file path access, or network operations were detected. The example files contain generic placeholders and broken local links for demonstration purposes only.
- [Indirect Prompt Injection] (INFO): The skill is designed to process untrusted data (external agent prompt files).
- Ingestion points: The agent is instructed to read files like
agents.mdas described inSKILL.md. - Boundary markers: Absent; the skill does not specify delimiters for the data being reviewed.
- Capability inventory: None; the skill contains no scripts or tools to execute commands, write files, or access the network.
- Sanitization: Absent; however, since there are no functional side effects or executable capabilities, the ingestion of untrusted prompt text for review purposes poses negligible risk.
- [No Code] (SAFE): The skill consists entirely of Markdown files (
.md). There are no Python scripts, Node.js packages, or shell scripts included in the package.
Audit Metadata