tool-use-guardian
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE, PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill outlines a methodology for processing data from external tool outputs, establishing a surface for indirect prompt injection.
  * Ingestion points: Data entering the system from tool call responses as described in Step 2.
  * Boundary markers: The skill does not specify the use of delimiters or 'ignore' instructions for processed content.
  * Capability inventory: The skill specifies capabilities for automated tool retries and response manipulation.
  * Sanitization: No sanitization or validation logic is defined for the tool output strings.
- [NO_CODE]: The skill provides documentation and metadata only, with no executable scripts.
- [SAFE]: Network references are limited to well-known domains including GitHub and Vercel.