traceability-matrix-generator
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by design, as it is built to ingest and process data from untrusted external sources like requirement documents and source code.\n
- Ingestion points: Data is ingested from multiple file types across the codebase, including Markdown files in
extract_requirements, Word documents viapython-docx, Excel spreadsheets viaopenpyxl, and PDF files viaPyPDF2.\n - Boundary markers: The provided extraction and scanning scripts do not implement boundary markers or instructions to the model to ignore embedded commands or instructions within the parsed artifacts.\n
- Capability inventory: The skill is designed to perform extensive file system read and write operations, including generating Markdown tables, CSV files, and HTML visualizations.\n
- Sanitization: The
generate_html_visualizationfunction inSKILL.mddirectly interpolates extracted data (such as requirement IDs and titles) into an HTML template using f-strings without escaping or sanitization, creating a Cross-Site Scripting (XSS) risk if the output is rendered in a browser.
Audit Metadata