loop-detect
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script
growth-loop-modeler.pywith various subcommands (detect-loops,project) to perform growth modeling tasks.- [PROMPT_INJECTION]: The skill ingests untrusted data from multiple sources, presenting a risk of indirect prompt injection. - Ingestion points: Loads business metrics, growth goals, and brand profiles from local JSON files and user input.
- Boundary markers: The skill lacks delimiters or explicit instructions to ignore embedded commands within the processed data.
- Capability inventory: The skill possesses shell execution capabilities through the invocation of Python scripts.
- Sanitization: There is no evidence of validation, escaping, or filtering for the external metrics and configuration data before they are processed.- [NO_CODE]: The core logic script
growth-loop-modeler.pyis referenced in the process instructions but is not included in the skill package, preventing a full security assessment of its internal operations.
Audit Metadata