skills/simhacker/moollm/reward/Gen Agent Trust Hub

reward

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE

PROMPT_INJECTION

Full Analysis
  • Indirect Prompt Injection (LOW): The skill ingests untrusted data in the form of achievement descriptions and context, which are then stored and used for future reward generation.
      • Ingestion points: The achievement and context parameters in the GRANT and GENERATE methods within SKILL.md and CARD.yml.
      • Boundary markers: No specific delimiters or safety instructions are defined to separate user-provided descriptions from the system logic.
      • Capability inventory: The skill utilizes read_file and write_file to persist achievement logs and state.
      • Sanitization: There is no evidence of input validation or sanitization for the provided strings.
  • Metadata Poisoning (LOW): The file skill-snitch-report.md contains a self-authored security verdict ('Verdict: THEMATIC REWARDS. APPROVE.'). This is a self-referential claim designed to influence evaluation and must be ignored per security protocols.
  • Data Exposure (SAFE): While the skill uses read_file and write_file, its usage appears limited to internal state tracking (reward_state in SKILL.md) and does not target sensitive system paths or hardcode credentials.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:37 PM