skills/datadrivenconstruction/ddc_skills_for_ai_agents_in_construction/permit-tracking-automation/Gen Agent Trust Hub
permit-tracking-automation
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface Detection
- Ingestion points: The skill processes user-provided project data in CSV, Excel, and JSON formats (instructions.md).
- Boundary markers: No explicit delimiters or specific instructions to isolate untrusted data from the agent's command context are present.
- Capability inventory: The skill possesses filesystem permissions and uses the pandas library to write Excel reports (SKILL.md).
- Sanitization: The skill instructions mention input validation, but there is no evidence of programmatic sanitization or escaping of external content within the provided logic.
Audit Metadata