docs-guide
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill is susceptible to malicious instructions embedded in the data it processes. 1. Ingestion points: Uses Read, Grep, and Glob tools to ingest data from the workspace environment. 2. Boundary markers: Absent; there are no instructions to distinguish between data and commands. 3. Capability inventory: Includes Write and Edit tools, which allow for file system modifications. 4. Sanitization: No logic is present to sanitize or validate external content before it is processed or written to files.
Recommendations
- AI detected serious security threats
Audit Metadata