raffle-winner-picker
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill possesses a surface for Indirect Prompt Injection (Category 8) as it is designed to ingest and process untrusted data from external sources such as Google Sheets, CSV, and Excel files. An attacker could embed instructions within the source data to manipulate the agent's selection process or output.
  - Ingestion points: File paths and Google Sheet URLs provided in user queries.
  - Boundary markers: None specified in the documentation.
  - Capability inventory: Reading and displaying content from external files/URLs.
  - Sanitization: No sanitization or validation logic is defined to mitigate malicious content in ingested data.
- [NO_CODE] (SAFE): The skill consists of a single markdown file with no scripts, binaries, or configuration files, eliminating threats associated with direct code execution, persistence, or unauthorized system access.