brand-decathlon
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, NO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface detected (Category 8). The skill instructs the agent to process untrusted data ('document topic') which then influences content generation and tool usage.
- Ingestion points: The 'document topic' provided by the user is used to construct AI prompts for imagery and charts (SKILL.md).
- Boundary markers: No delimiters or safety instructions are present to prevent the agent from obeying instructions embedded within the user-provided topic.
- Capability inventory: The skill requests Bash, Read, and Write permissions, which could be exploited if the document topic contains command injection patterns and is passed unsanitized to external scripts like render.py.
- Sanitization: There is no evidence of input validation or sanitization for the data processed by the skill.
- [EXTERNAL_DOWNLOADS] (LOW): The skill references an external asset library for icons.
- Evidence: assets/manifest.json points to https://unpkg.com/@phosphor-icons/core@2.1.1/assets/regular. While unpkg is a legitimate CDN, it is not a trusted source according to the strict security policy.
- [NO_CODE] (SAFE): The skill consists entirely of configuration files (JSON), documentation (Markdown), and layout definitions. No executable scripts (.py, .js, .sh) are included in the skill package.
Audit Metadata