oebb-scotty
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection surface.
  - Ingestion points: The scripts arrivals.sh, departures.sh, search-station.sh, and trip.sh accept station names, dates, and times as CLI arguments.
  - Boundary markers: No delimiters or instructions are used to separate user-provided data from the API request structure.
  - Capability inventory: The skill performs network requests to the official ÖBB domain via curl and processes responses with jq.
  - Sanitization: Absent; user input is directly interpolated into JSON payloads within the shell scripts.
- [COMMAND_EXECUTION]: The skill utilizes local shell scripts to perform network requests and data processing.
  - Evidence: The skill includes five scripts (arrivals.sh, departures.sh, disruptions.sh, search-station.sh, trip.sh) that execute curl and jq commands to fetch and filter data from the ÖBB Scotty API. This behavior is expected for the skill's purpose.
Audit Metadata