analyze-function
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill is designed to read and output the contents of local files provided via the filename argument.\n
- Evidence: The skill instructions explicitly state that the agent will "Read and locate the function in the specified file".\n
- Risk: If the agent possesses broad read permissions, this capability could be exploited to access sensitive configuration files or environment variables instead of the intended source code.\n- [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection (Category 8) because it processes untrusted data from external files.\n
- Ingestion points: The contents of the file specified by the user in the
filenameargument are ingested into the agent's context for analysis.\n - Boundary markers: Absent. The instructions do not define delimiters or provide specific commands to ignore potential instructions embedded within the code or comments of the analyzed file.\n
- Capability inventory: The skill utilizes file-reading capabilities to retrieve the function's source code.\n
- Sanitization: Absent. No filtering, validation, or sanitization of the file content is described before it is analyzed by the model.
Audit Metadata