address-parser
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill exhibits an indirect prompt injection surface (Category 8). Evidence: 1. Ingestion point:
pd.read_csv(args.input)inaddress_parser.py. 2. Boundary markers: Absent. 3. Capability inventory:to_csvfor local file writing and stdout printing. 4. Sanitization: None. While the tool lacks protection against malicious instructions embedded in the input data, its risk is low as its capabilities are restricted to data transformation and local file output without side effects on the agent context or system. - [SAFE] (SAFE): No malicious patterns such as obfuscation, hardcoded credentials, or unauthorized network access were detected. The dependency on pandas is verifiable and appropriate for the task.
Audit Metadata