skill
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted external documents (PDFs, images, spreadsheets) and remote URLs which are converted to markdown and summarized for the agent. * Ingestion points: Local file paths and remote URLs provided by the user in Step 2. * Boundary markers: Absent. There are no delimiters or instructions provided to the agent to disregard potential malicious instructions within the parsed document content. * Capability inventory: The skill uses the Bash tool to execute curl, jq, cat, and mkdir commands across several files. * Sanitization: No sanitization or filtering of the document's text content is performed before it is presented to the agent.
- [COMMAND_EXECUTION]: The skill relies on the execution of shell commands via a Bash tool to perform its primary functions, including network requests and file system operations.
- [EXTERNAL_DOWNLOADS]: The skill interacts with external API endpoints at api.va.landing.ai and api.va.eu-west-1.landing.ai to process documents.
Audit Metadata