Geek-skills-weather-forecast-report
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it is designed to ingest and process untrusted user-provided materials.
- Ingestion points: Materials collection phase in SKILL.md reads files such as READMEs, training logs, and code.
- Boundary markers: There are no explicit instructions to use delimiters or to treat ingested content as data rather than instructions.
- Capability inventory: The agent has capabilities to read files and invoke an external document generation skill.
- Sanitization: No input validation or filtering of ingested text is implemented.
- [COMMAND_EXECUTION]: The skill references and utilizes an external utility for document generation located at /mnt/skills/public/docx/SKILL.md. This is a functional integration used to convert analyzed data into DOCX format.
Audit Metadata