result-integrator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and process text data ('情节点分析结果') from multiple external sources. This creates a surface where malicious instructions could be embedded in the data being analyzed.
- Ingestion points: Defined in
SKILL.mdunder the '输入要求' (Input Requirements) section. - Boundary markers: Absent. The instructions do not specify the use of delimiters or 'ignore' instructions to separate untrusted data from the agent's core logic.
- Capability inventory: The skill is granted the
Readtool permission inSKILL.md. - Sanitization: No sanitization or validation logic is present to filter out potential commands from the input data.
- External Source Access (SAFE): The skill references local files within its own directory structure (
{baseDir}/references/examples.md) and does not perform network requests to untrusted or non-whitelisted domains. - Command Execution (SAFE): No dangerous shell commands, system modifications, or persistence mechanisms were detected in the instructions or examples.
Audit Metadata