casualize-names
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it interpolates untrusted data from Google Sheets into prompts for the Anthropic API.
- Ingestion points: Data is ingested from the 'first_name', 'company_name', and 'city' columns of a user-provided spreadsheet in
scripts/casualize_batch.pyand the individual field scripts. - Boundary markers: While data is structured as JSON or numbered lists, the prompt lacks explicit delimiters or system instructions to ignore embedded commands within the data cells.
- Capability inventory: The skill possesses the capability to perform network operations to the Anthropic API and write operations back to the Google Sheet via
gspread. - Sanitization: No input validation, escaping, or filtering is applied to the spreadsheet content before it is processed by the LLM.
Audit Metadata