report
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes findings from external security tools that could contain malicious instructions.
- Ingestion points: Data is read from .appsec/findings.json, .appsec/scanners/, and .appsec/model/.
- Boundary markers: The workflow does not define any delimiters or instructions to ignore embedded prompts within the source data.
- Capability inventory: The skill performs file reading and writing operations within the .appsec directory.
- Sanitization: There is no mention of escaping or validating the content of security findings before inclusion in the report.
- [NO_CODE]: The skill consists exclusively of a markdown file defining a workflow and contains no executable code or scripts.
Audit Metadata