data-engineering-data-driven-feature
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill interpolates user-supplied data from the
$ARGUMENTSvariable directly into prompts for specialized subagents without using boundary markers or sanitization, creating a surface for indirect prompt injection. - Ingestion points: Found in prompts across all sub-skill definition files, such as
sub-skills/1-exploratory-data-analysis.mdandsub-skills/7-backend-implementation.md. - Boundary markers: Delimiters like XML tags or triple quotes are absent, and there are no instructions to the subagents to ignore embedded instructions in the user data.
- Capability inventory: The subagents involved have significant capabilities, including backend and frontend code implementation, infrastructure deployment, and data pipeline configuration.
- Sanitization: No input validation or sanitization routines are specified to process user input before it is used in subagent prompts.
Audit Metadata