value-judge
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Prompt Injection (LOW): The skill is vulnerable to indirec t promp t injection because it fetche s an d processe s conten t from untruste d external UR Ls (GitHub, medium, etc.). Evidenc e Chain: 1. Ingestio n point s:
SK I L L.mdworkflow step 1 indicate s fetching from UR Ls. 2. Boundary marker s: Absen t; the re are no separator s or warning s to disregar d instructio n s in the data. 3. Capability inventor y: Promp t-only text summarizatio n an d scoring. 4. Sanitizatio n: Absen t. - No Code (SA F E): The skill does no t ship with any exec utable script s or binarie s, reduc ing the risk of remote code exec ution or system com promise.
Audit Metadata