interval-difference-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted program files, creating a surface for indirect prompt injection where an attacker could craft docstrings or comments in the input code to manipulate the resulting analysis report and mislead the agent. * Ingestion points: The
scripts/interval_analyzer.pyscript reads the file content from the path provided in the--programargument. * Boundary markers: No delimiters are used to separate untrusted code content from the analysis output generated for the agent. * Capability inventory: The skill is limited to local file reading and writing JSON reports; it lacks network access and does not execute the analyzed code. * Sanitization: Input is processed via Python'sastlibrary, which performs safe structural parsing rather than dynamic code execution.
Audit Metadata