ascn-integrations
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill architecture presents a vulnerability surface for indirect prompt injection due to its core function of generating platform logic from user-provided requirements.
- Ingestion points: Untrusted data enters the agent context through the
capability_gap_summary,target_use_cases, andexpected_contractinputs defined inSKILL.mdandcontracts/skill-contract.yaml. - Boundary markers: Absent. The instructions do not define any delimiters or specific warnings for the agent to ignore instructions embedded within the user-provided integration requirements.
- Capability inventory: Across
SKILL.md,agents/openai.yaml, andcontracts/skill-contract.yaml, the skill is granted capabilities to create, modify, and activate workflows and plugins via tools such ascontrol.workflows.create,control.workflows.patch,control.workflows.activate, andcontrol.plugins.create_plugin. - Sanitization: Absent. There is no evidence of sanitization, escaping, or strict schema validation performed on the natural language descriptions provided by the user before they are used to generate integration logic.
Audit Metadata