atlan-sdk-objectstore-io-defaults
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill instructs the agent to refer to remote SDK documentation when local sources are unavailable. This is a vector for untrusted data ingestion. 1. Ingestion points: Remote SDK source and documentation specified in references/defaults.md. 2. Boundary markers: Absent; no instructions provided to ignore or delimit embedded commands. 3. Capability inventory: Subprocess execution of verification gates and local file system read access. 4. Sanitization: Absent; the agent is not instructed to validate or sanitize the remote content.
- Command Execution (SAFE): The workflow requires running atlan-fact-verification-gate. While this is a command execution, it is an expected part of the development lifecycle described in the skill and does not appear to involve unsanitized input.
Audit Metadata