godot-skill-discovery
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill parses untrusted content from SKILL.md files, creating a surface where malicious instructions in those files could influence agent behavior.
- Ingestion points: The index_skill function reads frontmatter and descriptions from SKILL.md files in user-provided directories.
- Boundary markers: Absent; frontmatter is parsed directly into the registry without delimiters or instructions to ignore embedded commands.
- Capability inventory: The code uses DirAccess for directory traversal and FileAccess for reading files on the local filesystem.
- Sanitization: No sanitization or validation of the extracted metadata is performed before it is stored or returned in search results.
Audit Metadata