demo-skill
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection due to its external data ingestion surface.\n
- Ingestion points: Fetches content from an external URL (https://github.com/slezakattack) to summarize repositories and contributions.\n
- Boundary markers: Absent. The instructions do not provide delimiters or warnings to the agent to ignore instructions embedded within the fetched external data.\n
- Capability inventory: The agent performs web fetching and data summarization based on the retrieved content.\n
- Sanitization: Absent. No validation or filtering of the external content is performed before it is processed by the agent.- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file access, or exfiltration of private data to untrusted domains were detected.- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not download or execute external scripts or install third-party packages.
Audit Metadata