verify-runtime
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill analyzes local log files (.logs/dev-*.jsonl) to diagnose application behavior, which creates an indirect prompt injection surface where malicious data in logs could influence the agent.
- Ingestion points: Local JSONL files and developer HTTP endpoints.
- Boundary markers: No explicit markers or instructions to ignore embedded content are provided.
- Capability inventory: The skill utilizes standard developer tools including npm scripts, curl, and grep.
- Sanitization: There is no evidence of log content sanitization or validation before the agent processes the data.
Audit Metadata