showcase-export
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill mandates the 'extraction' and narration of internal instructions (e.g., 'This skill instructs me to: [First instruction from the skill]'), which mirrors system prompt extraction attacks. It specifically overrides the agent's standard behavior of silent execution to surface hidden logic.
- [PROMPT_INJECTION] (LOW): The skill creates an indirect prompt injection surface by requiring the agent to narrate and 'reconstruct' processes from potentially untrusted sub-agents.
  1. Ingestion points: Sub-agent tool results and user trigger phrases.
  2. Boundary markers: Absent in the mandatory narration templates.
  3. Capability inventory: The skill itself contains no scripts or code.
  4. Sanitization: Absent; the agent is instructed to reconstruct internal processes based on inferred reasoning.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill documentation suggests installation from an untrusted GitHub repository (sunnypatneedi/skills), but no active download or execution logic is present in the skill file itself.
Audit Metadata