wiki-qa
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection (Category 8) because it processes untrusted data from source files. * Ingestion points: Repository source files (SKILL.md). * Boundary markers: Absent; there are no instructions to delimit or ignore embedded commands in the files being read. * Capability inventory: File system searching and reading operations. * Sanitization: None; the agent lacks instructions to sanitize or validate content before processing.
- [NO_CODE]: The skill does not contain any executable scripts or binary files, limiting the risk to instruction-based triggers.
Audit Metadata