advertisement
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill possesses a surface for indirect prompt injection as it reads and processes external YAML files defining object behaviors.
- Ingestion points: read_file and list_dir are used to ingest object advertisements from .yml files (e.g., workbench.yml).
- Boundary markers: The documentation does not specify the use of delimiters or instructions to ignore embedded commands within the ingested data.
- Capability inventory: Includes write_file (updating state), read_file, and list_dir.
- Sanitization: No explicit sanitization or validation of the YAML content is mentioned.
- Risk Assessment: While the surface exists, the intended use case is for structured game data, and no malicious patterns were detected. The risk is considered negligible for the primary purpose of the skill.
Audit Metadata