raffle-winner-picker

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE | NO_CODE | PROMPT_INJECTION
Full Analysis
  • [NO_CODE]: The skill consists entirely of Markdown documentation and does not contain any executable scripts, binaries, or configuration files.
  • [PROMPT_INJECTION]: The skill describes a workflow to ingest and process untrusted external data (e.g., Google Sheets, CSV, Excel), creating a surface for Indirect Prompt Injection.
      • Ingestion points: User-supplied Google Sheet URLs and local file paths (CSV/XLSX) in SKILL.md.
      • Boundary markers: No delimiters or instructions are specified to prevent the agent from interpreting spreadsheet content as commands.
      • Capability inventory: The described functionality implies the agent has permissions to read local files and access external spreadsheet services.
      • Sanitization: No mention of input validation or escaping for the data rows before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 06:46 PM