mitre
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection as it interpolates untrusted finding descriptions into its analysis flow.
- Ingestion points: Findings are ingested from
.appsec/findings.jsonand user-provided file paths as described inSKILL.md. - Boundary markers: Absent; the skill does not wrap findings in delimiters or provide instructions to ignore embedded commands.
- Capability inventory: Safe; no subprocess calls, network operations, or file-writing capabilities were identified in the skill instructions.
- Sanitization: Absent; the skill performs structural validation but does not filter or sanitize the textual content of findings.
- [NO_CODE]: This skill is entirely instructional (markdown) and does not ship with any executable code, scripts, or library dependencies.
Audit Metadata