slim-doc
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill acts as a document processor, creating an indirect prompt injection surface where the agent could potentially be influenced by malicious instructions embedded within the Markdown files it is asked to 'slim'.
- Ingestion points: The skill reads existing
.mdfiles from the local file system based on user input or project context (File: SKILL.md). - Boundary markers: The prompt instructions do not include explicit markers or delimiters to isolate the input document content from the agent's core instructions.
- Capability inventory: The skill has the capability to read local files and write new files (outputting to
<filename>.slim.md) within the same directory. - Sanitization: There is no mechanism described to sanitize, escape, or validate the content of the input document before it is processed by the AI.
Audit Metadata