ghidra-headless-frida-evidence
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes externally captured Frida evidence bundles, representing an indirect prompt injection surface.
- Ingestion points: External Frida traces and logs are ingested into the agent context through planning-brief.md and templates/frida-evidence-manifest.md.
- Boundary markers: The skill employs structured Markdown templates and specific audit checklists to organize data, though it lacks explicit instructions for the agent to treat input data as non-executable text.
- Capability inventory: The skill is restricted to generating text-based planning artifacts (spec.md, plan.md, tasks.md) and explicitly forbids live Frida execution or script execution within its scope.
- Sanitization: No explicit sanitization or filtering of the trace content is described in the instructions.
Audit Metadata