Leavn Multi-Language UX Verification Skill
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
PROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (HIGH): High-risk Indirect Prompt Injection vulnerability surface detected. The skill is designed to ingest and process untrusted external data from the local codebase while possessing tools capable of making side-effect-heavy modifications.
  1. Ingestion points: The skill reads local files including Swift source code, .lproj directories, and .strings localization files across multiple phases.
  2. Boundary markers: Absent; there are no instructions to the agent to distinguish between the content of the files and its own instructional logic.
  3. Capability inventory: The skill is explicitly granted 'Read', 'Grep', and 'Edit' (filesystem modification) tools in the frontmatter.
  4. Sanitization: None; the skill lacks any validation or filtering mechanisms for the content it ingests before using it to generate reports or perform analysis.
Recommendations
- AI detected serious security threats
Audit Metadata