settings
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill processes and modifies project configuration files.
- Ingestion points: The agent reads src/project/settings.py via the Read tool.
- Boundary markers: No delimiters or ignore-instructions are specified to protect against malicious content in the settings file.
- Capability inventory: The agent possesses Read and Edit tools to manipulate the codebase.
- Sanitization: There is no evidence of input validation or sanitization for the data processed from the file.
Audit Metadata