vp-product
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection due to the interaction between ingestion tools and execution tools.
- Ingestion points: Untrusted data can enter the agent's context through the WebSearch, Read, Glob, and Grep tools as specified in the SKILL.md tool list.
- Boundary markers: The skill does not define specific delimiters or provide instructions to ignore embedded prompts within ingested data.
- Capability inventory: The skill has access to high-privilege tools including Bash, Write, Edit, and Task (for sub-agent spawning).
- Sanitization: There is no evidence of data sanitization, escaping, or validation logic to mitigate risks from external or file-based content.
Audit Metadata