evidence-verifier
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates reading and processing external file content and URL responses to verify evidence claims, establishing a surface for indirect prompt injection attacks.\n
- Ingestion points: Step 2 involves reading file content and fetching URL responses as specified in SKILL.md.\n
- Boundary markers: No delimiters or instructions to ignore potential commands within the evidence are provided.\n
- Capability inventory: The skill utilizes file system listing, file reading, and network fetching.\n
- Sanitization: No sanitization or safety-filtering of the ingested content is defined.\n- [DATA_EXFILTRATION]: The skill requires fetching arbitrary URLs to verify artifacts, which involves network activity to domains not explicitly whitelisted.
Audit Metadata