problem-definition

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • PROMPT_INJECTION (LOW): The skill possesses an Indirect Prompt Injection surface (Category 8) due to its processing of untrusted user data into downstream tool calls and generated documents.
  • Ingestion points: User-provided text describing defects, locations, and symptoms during the structured 5W2H elicitation workflow (defined in references/question-bank.md).
  • Boundary markers: The documentation for the MCP tool integration (knowledge-integration.md) and report generation does not specify the use of delimiters or 'ignore' instructions when interpolating user data.
  • Capability inventory: The skill utilizes the 'knowledge_search' MCP tool for standards lookup and local Python scripts (generate_report.py, score_analysis.py) for file generation and analysis.
  • Sanitization: The README notes the implementation of 'html.escape()' and path validation in the Python scripts to mitigate XSS and path traversal, although the scripts themselves were not included in the skill bundle for direct verification.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 21, 2026, 10:35 AM