architect-python-uv-takehome
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the creation of document extraction pipelines that ingest untrusted data, representing a surface for indirect prompt injection.
- Ingestion points: Document processing logic located in the src/extractor/ directory, as specified in SKILL.md.
- Boundary markers: The scaffold does not include predefined delimiters or safety instructions to prevent the agent from obeying commands embedded within the documents it parses.
- Capability inventory: Generated projects have the capability to write to the local filesystem (into the output/ directory) and can optionally interact with LLM providers using the openai library.
- Sanitization: The skill provides no default mechanisms for sanitizing or validating extracted text before it is utilized in downstream agent logic or narrative reporting.
Audit Metadata