regression
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it processes external data that could contain malicious instructions.
- Ingestion points: The agent reads the fix history, including vulnerable code snippets and descriptions, from the
.appsec/fixed-history.jsonfile in Step 1. - Boundary markers: There are no explicit instructions to use delimiters or ignore embedded instructions within the data being analyzed.
- Capability inventory: The skill performs complex semantic analysis, traces data flows, generates reports, and writes output to the filesystem at
.appsec/findings.json. - Sanitization: No sanitization or validation logic is specified for the content read from the history file before it is processed by the agent's logic.
Audit Metadata