regex-vs-llm-structured-text
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The validate_with_llm function in SKILL.md is susceptible to indirect prompt injection.
  - Ingestion points: External content passed via the original_text variable is directly embedded into the prompt string.
  - Boundary markers: The implementation lacks distinct delimiters (like XML tags) or specific instructions to the model to ignore potential commands within the input text.
  - Capability inventory: While the skill focuses on extraction, compromised extraction results could negatively impact any application logic relying on this data.
  - Sanitization: There is no evidence of input validation or sanitization before the data is processed by the LLM.
Audit Metadata