require-prototype
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONNO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of natural language instructions and Markdown-based logic for the agent, containing no scripts, binaries, or external library dependencies.
- [COMMAND_EXECUTION]: The instructions describe a command-line interface (-f, -i, -o) that directs the agent to perform file system operations, including reading document content and overwriting files with generated text.
- [PROMPT_INJECTION]: The skill processes untrusted external documents, presenting an indirect prompt injection surface where embedded instructions could potentially influence the agent. 1. Ingestion points: Documents and images loaded via the -f path parameter. 2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present. 3. Capability inventory: The agent is granted permission to read and write (update) local files. 4. Sanitization: There is no specification for sanitizing or validating document content before processing.
Audit Metadata