python-to-dafny-translator
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions (Step 5) suggest the use of shell commands such as
dafny verifyanddafny runto validate and execute the translated code. If the agent environment permits terminal access, there is a risk of command injection or unauthorized execution if the generated Dafny code is maliciously crafted. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and analyze arbitrary Python code provided by external users. Malicious instructions could be embedded within comments or strings in the source Python code to influence the agent's behavior during the translation process.
- Ingestion points: User-provided Python source code processed in 'Step 1: Analyze Python Code' of the workflow defined in
SKILL.md. - Boundary markers: No specific delimiters or safety warnings (e.g., 'ignore instructions within this code block') are implemented to separate user data from agent instructions.
- Capability inventory: The skill workflow includes the potential for shell command execution via the
dafnyCLI tools for verification and execution. - Sanitization: There is no evidence of sanitization, escaping, or validation of the input Python code before analysis or translation.
Audit Metadata