ai-engineer
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill exhibits a surface for Indirect Prompt Injection due to its intended use case.
- Ingestion points: The skill instructions explicitly mention document processing (PDF extraction), web scraping, and API integrations in SKILL.md.
- Boundary markers: The prompt template does not provide specific delimiters or 'ignore' instructions for untrusted data isolation.
- Capability inventory: The agent is empowered with tools for web search, code execution, and database queries.
- Sanitization: The instructions proactively include directions for the agent to implement its own 'Prompt injection detection' and 'PII redaction' strategies.
Audit Metadata