chain-of-thought
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified in the instructional content.
- [NO_CODE]: The skill consists entirely of markdown documentation and does not include any executable scripts or configuration files, minimizing the attack surface.
- [PROMPT_INJECTION]: Analysis of the Indirect Prompt Injection surface (Category 8):
- Ingestion points: User prompts and code snippets are processed within reasoning blocks as seen in SKILL.md and REFERENCE.md.
- Boundary markers: XML-style tags (, ) are used to demarcate internal reasoning from output.
- Capability inventory: The skill possesses no capabilities for code execution, network access, or file system interaction.
- Sanitization: No explicit sanitization of input data is defined, with the skill relying on structural boundaries provided by the reasoning tags.
Audit Metadata