scout-vet
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes job descriptions from external sources (discovered jobs) without adequate protection against embedded instructions.
- Ingestion points: Content is read from job files located in `~/.scout/jobs/`.
- Boundary markers: The instructions do not define clear delimiters or specify that the agent should ignore instructions contained within the job data during evaluation.
- Capability inventory: The skill has permissions to read and write to the local `~/.scout/` directory, update file frontmatter, append to a history log, and use the `WebSearch` tool.
- Sanitization: There is no mention of sanitizing or filtering the job description text before it is evaluated.
Audit Metadata