api-integration
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides structural guidance and code snippets for Java/Spring applications. No malicious logic, obfuscation, or hardcoded credentials were detected.
- [EXTERNAL_DOWNLOADS]: The skill references data endpoints from trusted government and international entities (Riksdagen, World Bank, ESV). These are recognized as trusted, well-known services for data retrieval.
- [PROMPT_INJECTION]: The skill defines patterns for ingesting untrusted external data, which represents an indirect prompt injection surface. Ingestion points: External government APIs listed in SKILL.md. Boundary markers: Recommended in text instructions. Capability inventory: No dangerous execution capabilities (subprocess, exec, etc.) are present. Sanitization: The documentation explicitly mandates data validation and sanitization for all external input.
Audit Metadata