telemetry-insight-engine
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and analyze external telemetry data, which is an untrusted source.
  - Ingestion points: The `input` argument in `SKILL.md` accepts paths to telemetry data (JSON).
  - Boundary markers: No delimiters or instructions to ignore embedded prompts within the JSON data are present.
  - Capability inventory: The skill is designed to feed requirements into a secondary tool, the `requirements-wizard`, creating a multi-step chain vulnerability.
  - Sanitization: No sanitization or validation logic is specified for the telemetry data input.
- Data Exposure (LOW): The skill documentation explicitly mentions the integration of 'Confidential' and 'Personal' knowledge tiers including 'secrets'. While intended for legitimate analysis, this confirms the skill has access to sensitive data surfaces.
- Metadata Poisoning (SAFE): The skill includes an authoritative safety claim ('ensuring no leaks to public outputs') in its Knowledge Protocol. Per security guidelines, this is treated as an unverified claim rather than a security guarantee.
Audit Metadata