compliance-matrix

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE

PROMPT_INJECTION

Full Analysis
  • [PROMPT_INJECTION]: The requirement extraction logic is vulnerable to indirect prompt injection.
  • Ingestion points: The extractRequirements function in SKILL.md directly interpolates untrusted RFP text (rfp.description) into the AI prompt template.
  • Boundary markers: There are no delimiters or specific instructions (e.g., 'ignore embedded commands') to separate the untrusted RFP content from the system instructions.
  • Capability inventory: The skill has the capability to read files using Read, Grep, and Glob tools and can perform database writes via Convex mutations (saveComplianceMatrix).
  • Sanitization: The skill does not perform any sanitization or validation of the input RFP text before sending it to the AI provider.
Audit Metadata

Risk Level: SAFE

Analyzed: Feb 26, 2026, 03:08 PM