a11y
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests and processes external project files (such as Razor views, React components, and C# models) which could contain adversarial instructions. This represents an indirect prompt injection surface that could influence agent behavior during the audit process.
- Ingestion points: The skill reads files at paths including
src/components/**/*.tsx,Views/**/*.cshtml,Models/**/*.cs, and YAML serialization files. - Boundary markers: There are no explicit instructions or delimiters used to separate the content of the scanned files from the agent's internal instructions.
- Capability inventory: The skill is granted access to the
Read,Grep,Glob, andBashtools to perform analysis. - Sanitization: File contents are analyzed directly without escaping or filtering of potential command-like patterns.
Audit Metadata