backend-ai-agent
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill contains examples vulnerable to Indirect Prompt Injection. Evidence:
  - Ingestion points: The `generateSummary` function in `SKILL.md` and the `ask` method in `references/agent-patterns.md` ingest raw user data.
  - Boundary markers: The prompt template in `SKILL.md` directly interpolates `${content}` without using XML-style delimiters or 'ignore embedded instructions' markers.
  - Capability inventory: The agent implementation in `references/agent-patterns.md` provides tools like `createTask` and `searchDocuments` which could be triggered maliciously via injected content.
  - Sanitization: No sanitization, escaping, or validation of user-provided strings is present in the examples.
Audit Metadata