Skills
skills/udecode/plate/agent-native-audit/Gen Agent Trust Hub

agent-native-audit

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [NO_CODE]: The skill consists entirely of Markdown-based instructions and does not include any local or remote code for execution.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it is designed to analyze untrusted data from a codebase, including other agent prompts.
  • Ingestion points: The audit process requires the agent to enumerate and read all files in a codebase, specifically targeting API services, tool definitions, and existing agent prompts.
  • Boundary markers: The instructions do not define delimiters or specific safety warnings to prevent the agent from obeying instructions found within the audited codebase.
  • Capability inventory: The agent is instructed to use a 'Task' tool with 'Explore' capabilities to traverse and read the entire filesystem.
  • Sanitization: No sanitization or filtering is applied to the content of the files before processing by the auditing sub-agents.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 11:52 AM