Skills
skills/atemndobs/nebula-rfp/rfp-ingest/Gen Agent Trust Hub

rfp-ingest

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface identified. Untrusted data from external sources is ingested and stored without sufficient isolation. \n
  • Ingestion points: RFP data is fetched from the SAM.gov API in convex/ingestion.ts and parsed from user-uploaded CSV files in convex/ingestion/rfpmartCsv.ts. \n
  • Boundary markers: Absent. The skill does not wrap the ingested RFP titles, descriptions, or summaries in delimiters to distinguish data from instructions. \n
  • Capability inventory: The skill uses ctx.runMutation to write ingested data to the database and fetch to communicate with external APIs. \n
  • Sanitization: Absent. No escaping, validation, or filtering of the external content (e.g., HTML or markdown in descriptions) is performed before storage. \n- [EXTERNAL_DOWNLOADS]: Fetches RFP opportunity data from the official SAM.gov government API. This is a well-known service and the connection is managed using environment variables for authentication.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 26, 2026, 03:08 PM