context-compression
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The
scripts/compression_evaluator.pyscript contains a vulnerability surface for indirect prompt injection due to its processing of untrusted conversation data. - Ingestion points: Untrusted content enters the system through the
conversation_historyparameter in theProbeGeneratorclass and thenew_contentparameter in theStructuredSummarizer.update_from_spanmethod within thescripts/compression_evaluator.pyfile. - Boundary markers: There are no explicit boundary markers, delimiters, or system instructions used to distinguish between conversation data and potential instructions within the processed spans.
- Capability inventory: The script's capabilities are limited to string processing, regular expression matching, and JSON serialization. No subprocess execution, file writing, or network request capabilities were detected across the analyzed files.
- Sanitization: No sanitization, escaping, or validation is performed on the input strings before they are processed by regular expressions or included in generated summaries.
Audit Metadata