function-creator
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The example function
generateTaskSuggestiondemonstrates an attack surface where untrusted user input is directly passed to an LLM. \n - Ingestion points:
args.promptingenerateTaskSuggestion(SKILL.md)\n - Boundary markers: Absent\n
- Capability inventory: External API call (OpenAI) and database write (
ctx.runMutation) (SKILL.md)\n - Sanitization: Absent; input is directly interpolated into the message array.\n- [Data Exposure & Exfiltration] (SAFE): The skill demonstrates best practices for secret management by using environment variables (
process.env.OPENAI_API_KEY,process.env.SENDGRID_API_KEY) rather than hardcoding credentials.
Audit Metadata