hexagone-frontend
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill retrieves technical documentation from an internal GitLab instance (
gitlab-erp-pas.dedalus.lan). This is a legitimate vendor resource used to provide up-to-date component information.\n- [PROMPT_INJECTION]: The skill processes external documentation, creating an attack surface for indirect prompt injection.\n - Ingestion points: Documentation markdown files fetched from the GitLab repository.\n
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the documentation fetching logic.\n
- Capability inventory: The skill utilizes the WebFetch tool for data retrieval.\n
- Sanitization: There is no specified logic for sanitizing or escaping the fetched content before processing.\n- [DATA_EXFILTRATION]: No sensitive local data access or external exfiltration attempts were identified. Network activity is limited to the declared documentation source.
Audit Metadata