shape
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
NO_CODE, PROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists of markdown instructions and a JSON evaluation file; no executable code is present.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8).
  - Ingestion points: External data is retrieved from GitHub repositories and web searches during 'Step 1: Extract'.
  - Boundary markers: No delimiters or 'ignore' instructions are provided to isolate external search results from the system prompt.
  - Capability inventory: The skill calls the 'hope:consult' skill and utilizes 'AskUserQuestion'.
  - Sanitization: No content validation or sanitization is performed on search results before they are processed by the reasoning loop.
Audit Metadata