boundary-generator

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION, NO_CODE)
Full Analysis
  • PROMPT_INJECTION (HIGH): The skill establishes a high-risk attack surface for Indirect Prompt Injection by granting the agent write-access tools to process untrusted external content.
  • Ingestion points: Ingests external source code using Read, Grep, and Glob tools.
  • Boundary markers: Absent; there are no instructions or delimiters provided to help the agent distinguish between its own instructions and untrusted data from the filesystem.
  • Capability inventory: The agent is granted Write and Edit permissions, enabling it to perform impactful modifications to the codebase based on ingested data.
  • Sanitization: Absent; the skill lacks any mechanisms to validate or filter data retrieved from external files.
  • NO_CODE (INFO): No executable scripts or active code logic were detected within the skill files; the vulnerability arises from the tool permissions and instructional workflow defined in the metadata.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 01:08 PM