implement
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by instructing the agent to act on external, potentially untrusted data. * Ingestion points: The skill reads from 'current context', 'user request', and 'prior skill's task description' in SKILL.md. * Boundary markers: No delimiters or instructions to ignore embedded commands are present to isolate data from logic. * Capability inventory: The skill performs file system modifications ('make the change') and executes other skills. * Sanitization: There is no validation or filtering of the input context.
- [NO_CODE]: No scripts or binaries are included with the skill; it consists entirely of natural language instructions and YAML metadata.
Audit Metadata