skill-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection.
- Ingestion points: The skill uses the Read tool to ingest the contents of SKILL.md files from the local workspace.
- Boundary markers: There are no explicit instructions or delimiters used when reading external files to prevent the agent from following instructions embedded within those files.
- Capability inventory: The skill possesses Edit capabilities, allowing it to modify files in the workspace based on the analysis of the ingested data.
- Sanitization: No sanitization or validation of the ingested file content is performed before processing it as a set of rules for the Edit tool.
Audit Metadata