go-prompt-sensitivity
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes customer-provided text signals which are interpolated directly into prompts for classification. This presents an indirect prompt injection surface where instructions embedded within the signals could attempt to influence the agent's behavior.
  1. Ingestion points: Data from references/signals.json is processed in scripts/baseline_classify.py.
  2. Boundary markers: The baseline prompt lacks explicit delimiters or instructions to ignore embedded commands.
  3. Capability inventory: The skill is limited to file operations within the local outputs/ directory and network communication with official LLM provider APIs.
  4. Sanitization: No specific sanitization or escaping of the input signals is performed.
- [EXTERNAL_DOWNLOADS]: The skill references standard, well-known Python packages (openai, anthropic, pandas) and the author's own GitHub repository for setup and execution. These are appropriate for the skill's stated purpose.
- [COMMAND_EXECUTION]: The provided Python scripts perform data processing, API interactions, and results evaluation. They use standard libraries and follow best practices for local execution within the audit environment.
Audit Metadata