template-engine
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected because the skill processes untrusted external data.
- Ingestion points: The skill reads data from external CSV files (`data_csv`) and document templates (`template_path`) via the `mail_merge` and `fill_template` functions.
- Boundary markers: No explicit delimiters or instructions to the model to ignore embedded commands are present in the template rendering process.
- Capability inventory: The skill possesses file system read and write capabilities for various document formats through `docxtpl`, `openpyxl`, and the `csv` module.
- Sanitization: The skill does not perform input validation or sanitization on external data before it is interpolated into templates using Jinja2 logic.
Audit Metadata