Skills
skills/vamdawn/ai-forge/review-skill/Gen Agent Trust Hub

review-skill

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes the content of external files provided via the $ARGUMENTS path. An attacker could craft a malicious skill file that, when audited, attempts to influence the auditor's report or behavior.
  • Ingestion points: Uses Read, Glob, and Grep to ingest content from the target skill directory and files specified in $ARGUMENTS.
  • Boundary markers: No specific delimiters or 'ignore' instructions are used when outputting audited content or findings in the final report.
  • Capability inventory: The skill is restricted to Read, Glob, and Grep tools; it lacks the ability to write to the filesystem or initiate network connections.
  • Sanitization: No sanitization or validation of the audited content is performed before it is processed by the model for the audit report.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 08:30 AM