fishbone-diagram
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill requires the
Bashtool to execute Python scripts (e.g.,scripts/generate_diagram.py,scripts/generate_report.py) which were referenced but not provided for analysis. This grants the agent the ability to execute code on the local system to generate visual assets. - [PROMPT_INJECTION] (LOW): (Category 8: Indirect Prompt Injection) The skill ingests untrusted user data to populate diagrams and reports, presenting a potential injection surface. 1. Ingestion points: Phase 1 (Problem Definition) and Phase 3 (Cause Brainstorming) in
SKILL.md. 2. Boundary markers: None identified in the workflow for separating user input from script execution parameters. 3. Capability inventory:Bashexecution of Python scripts as described inHOW_TO_USE.md. 4. Sanitization: No sanitization or validation of user-provided strings is documented before they are passed to the SVG/HTML generation scripts, which could lead to XSS or injection in generated documents.
Audit Metadata