product-appeal-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it uses the
WebFetchtool to ingest content from arbitrary external URLs for analysis.\n - Ingestion points: The agent is instructed to use
WebFetchon a target URL to analyze live content as described inSKILL.md.\n - Boundary markers: There are no explicit instructions or delimiters defined to separate untrusted web content from the agent's internal instructions.\n
- Capability inventory: The skill utilizes
Read,Write,Edit,WebFetch, and executes a local Python scriptscripts/appeal_scorer.py.\n - Sanitization: No specific sanitization or filtering of the fetched content is implemented before processing.\n- [COMMAND_EXECUTION]: The skill instructs the agent to execute its own local script,
scripts/appeal_scorer.py, to generate structured data. This script uses standard Python libraries and does not perform any dangerous operations.
Audit Metadata