Red-Team Review
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines a workflow that ingests untrusted 'artifacts' without sanitization or boundary markers, creating a surface for indirect prompt injection.
- Ingestion points: The artifact content placeholder in SKILL.md.
- Boundary markers: Absent, meaning malicious instructions in the artifact could hijack the agent session.
- Capability inventory: The agent's default tools and environment are accessible.
- Sanitization: None implemented for input content.
Audit Metadata