robot-expert
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM
PROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (MEDIUM): The skill directs the agent to load and follow instructions from an external path: {{cookiecutter.primary_pipeline_name}}/.claude/skills/robot-expert/SKILL.md.
  1. Ingestion points: External data enters the context via the Read tool from a file path containing a template variable.
  2. Boundary markers: Absent. There are no delimiters or instructions to ignore embedded commands within the loaded file.
  3. Capability inventory: The agent is primarily used for guidance and referencing patterns; however, the 'Follow the Guide' instruction (Step 3) effectively delegates control of the agent's logic to the external file.
  4. Sanitization: None. The agent does not validate or filter the content of the loaded file before adopting it as the primary instruction set.