critical-interval-security-checker
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external code files for analysis, creating a vulnerability surface for indirect prompt injection.
- Ingestion points: The
scripts/check_intervals.pyscript reads and analyzes content from user-specified file paths. Additionally, the manual workflow inSKILL.mdinstructs the agent to review code provided by the user. - Boundary markers: The instructions lack explicit requirements for the agent to use protective delimiters (such as XML tags) or to ignore instructions found within the analyzed code comments or strings.
- Capability inventory: The skill has the capability to read local files and execute a local Python script for static analysis.
- Sanitization: There is no evidence of content sanitization or instruction filtering applied to the ingested files before they are presented to the agent's reasoning engine.
- [COMMAND_EXECUTION]: The skill requires the execution of a local Python script for its primary functionality.
- Evidence:
SKILL.mdcontains instructions to executepython scripts/check_intervals.pyto perform automated security checks on a directory or file. - Context: The script is a local vendor-provided resource (
ArabelaTso) that performs static regex-based analysis using regular expressions and does not interact with the network or execute the target code.
Audit Metadata