competition-file-parser-chain

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill defines a specialized workflow for security analysts to map file ingress, trace parser boundaries, and identify decisive effects in a sandbox environment. The instructions focus on documentation and reconstruction of file handling logic within the $ctf-sandbox-orchestrator framework.
  • [PROMPT_INJECTION]: The skill facilitates the processing of untrusted external data (file uploads, archives, and serialized objects), which creates a surface for indirect prompt injection. While inherent to the skill's primary purpose for security research, this surface exists because the agent is instructed to inspect content that may contain adversarial instructions.
    • Ingestion points: File uploads, multipart names, archive members, and serialized objects referenced in SKILL.md and references/file-parser-chain.md.
    • Boundary markers: Not explicitly defined in the instructions for separating untrusted data from the agent's reasoning context.
    • Capability inventory: The skill assumes the agent can inspect file metadata, trace logic branches, and analyze conversion/parser outputs, implying access to diagnostic tools in the host environment.
    • Sanitization: No specific sanitization or filtering of file content is mandated in the provided analysis workflow.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 12:15 PM