skills/datadrivenconstruction/ddc_skills_for_ai_agents_in_construction/n8n-project-management/Gen Agent Trust Hub
n8n-project-management
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted data from multiple sources without isolation.
- Ingestion points: The skill processes user-provided data in CSV, Excel, and JSON formats as described in
instructions.md, as well as messages from Telegram and records from Google Sheets as described inSKILL.md. - Boundary markers: There are no specific delimiters or instructions to ignore embedded commands within the processed data provided in the instructions or the integration code.
- Capability inventory: The Python implementation in
SKILL.mdutilized by the agent includes therequestslibrary for network operations andgspreadfor manipulating Google Sheets data. - Sanitization: No explicit input validation or sanitization routines are present to handle potentially malicious content within the external data before processing.
Audit Metadata