building-tables
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest data from external APIs and URLs, which creates a surface for indirect prompt injection if the source data contains malicious instructions.
  - Ingestion points: Data enters the agent's context via scripts/export_table_data.py (which fetches from arbitrary URLs) and examples/server-side-sorting.tsx (which calls a user API).
  - Boundary markers: The provided implementation lacks delimiters or instructions to ignore embedded commands in the rendered table data.
  - Capability inventory: The skill possesses capabilities for network requests (Category 2/4 surface) and local file writing.
  - Sanitization: No content validation or sanitization of the data values is performed before display or export.
Audit Metadata