conventions-agent
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted source code and diffs, creating a surface for indirect prompt injection attacks.
- Ingestion points: Source code files and diffs are ingested via the Read tool as described in SKILL.md and evals/evals.json.
- Boundary markers: There are no defined delimiters or instructions to ignore embedded commands within the content being reviewed.
- Capability inventory: The skill uses Read and Write tools to modify project files as documented in SKILL.md.
- Sanitization: No sanitization or filtering of external code content is performed before processing.
Audit Metadata