plan
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses the $ARGUMENTS variable to pass user input directly into commands without boundary markers or sanitization. This creates a surface for indirect prompt injection. \n- Ingestion points: $ARGUMENTS in SKILL.md. \n- Boundary markers: Absent; user input is interpolated directly. \n- Capability inventory: The skill triggers workflow commands which may perform further complex tasks. \n- Sanitization: None detected in the skill definition.
Audit Metadata