ontology-mapper
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified in the mapping logic.\n
- Ingestion points: The skill ingests natural language terms in
scripts/concept_mapper.pyvia CLI arguments and material sample descriptions (JSON) inscripts/sample_annotator.py.\n - Boundary markers: Absent; script outputs are returned to the agent context without specific delimiters or untrusted data warnings.\n
- Capability inventory: Capabilities are limited to reading local filesystem data (summaries and mappings); the skill contains no network, subprocess spawning, or dynamic code execution capabilities.\n
- Sanitization: Inputs used in regex matching are escaped using
re.escape(). Material parameters (lattice constants, angles, space groups) undergo numeric validation and range checking against crystallographic rules.\n- [SAFE]: The skill is implemented using only the Python standard library, fulfilling its claim of having no external dependencies.\n- [SAFE]: No evidence of hardcoded credentials, data exfiltration, obfuscation, or persistence mechanisms was detected in the provided files.
Audit Metadata