traqo-tracing
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by ingesting and processing untrusted trace data.
  - Ingestion points: Processes .jsonl, .jsonl.gz, and .zst files from local storage, AWS S3, and Google Cloud Storage.
  - Boundary markers: There are no specified delimiters or instructions to ignore embedded prompts within the trace data.
  - Capability inventory: The skill uses shell commands like `jq`, `grep`, and `zcat`, as well as Python integrations to extract and interpret data.
  - Sanitization: No sanitization or validation of the trace file content is documented before the data is processed or displayed.
- [COMMAND_EXECUTION]: The skill relies on executing various shell utilities (`ls`, `tail`, `jq`, `zcat`, `gzcat`, `zgrep`) to query and manipulate trace files, including command patterns that involve loops and piping.
- [EXTERNAL_DOWNLOADS]: Provides instructions for downloading data from well-known cloud services, specifically using `gcloud storage cp` for Google Cloud and `aws s3 cp` for Amazon S3.
Audit Metadata