slideshow
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- Prompt Injection (LOW): The file skill-snitch-report.md includes self-referential 'Verdict: APPROVE' and 'Risk Level: LOW' markers designed to influence the security review process, which is a known adversarial technique to bypass auditing.
- Indirect Prompt Injection (LOW): The skill processes untrusted metadata from image prompts and sidecar files to synthesize stories, creating a surface for embedded instructions to influence the agent.
  1. Ingestion points: Reads metadata from SLIDESHOW.yml and image-mine.yml files.
  2. Boundary markers: Absent; the skill lacks delimiters or instructions for the agent to ignore embedded commands in processed metadata.
  3. Capability inventory: Performs file system operations including CREATE, UPDATE, and ORGANIZE (directory movement).
  4. Sanitization: No evidence of metadata sanitization or validation before use in narrative generation.
- No Code (SAFE): The provided files consist entirely of YAML and Markdown configuration and documentation with no executable scripts or binaries.
Audit Metadata