sanitize
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection because it processes untrusted text files and the agent is instructed to read the sanitized output.\n
- Ingestion points:
scripts/sanitize.pyreads user-provided files from the local filesystem.\n - Boundary markers: Absent. The output text does not utilize delimiters to isolate processed content from the agent's instruction context.\n
- Capability inventory:
scripts/sanitize.pyperforms file read and write operations on the local filesystem.\n - Sanitization: Present for PII redaction (15 categories); however, the script does not sanitize for malicious instructions or markdown injections within the input text that could influence the agent.
Audit Metadata