arkitec
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from external sources and possesses high-privilege capabilities.
- Ingestion points: The skill reads external content through tools like
get_messages,get_conversation, andget_inbox(SKILL.md). - Boundary markers: There are no explicit instructions to the agent to ignore or delimit instructions found within the content of messages.
- Capability inventory: The skill allows for significant environment modification through
create_agent,delete_agent,install_skill, andsend_message(SKILL.md). - Sanitization: The instructions do not specify any validation or sanitization of message content before the agent acts upon it.
Audit Metadata