guv3-new-agent

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
Finding: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill defines a prompt generation pattern in nodes/prompt.py that interpolates untrusted user data without sufficient boundary markers.
  • Ingestion points: Untrusted data is injected via the {{context_history}} and {{messages}} placeholders within the {AGENT_NAME_UPPER}_PROMPT template in src/guv3/gu/agents/{agent_name}/nodes/prompt.py.
  • Boundary markers: The template lacks explicit delimiters (such as XML tags or clear separators) to prevent instructions within the conversation history from being interpreted as system-level commands.
  • Capability inventory: Generated agents have the capability to execute tools defined in nodes/tools.py via agent_invoke and to transition between different graph states.
  • Sanitization: The boilerplate does not include mechanisms to sanitize or escape the content of the interpolated variables before they are processed by the LLM.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 03:55 AM