agent-workflow

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Category: PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill identifies a surface for indirect prompt injection where untrusted data enters the agent context.
  • Ingestion points: User-provided message in the FastAPI /chat and /chat/stream endpoints and CLI input loop in assets/graph-template.py.
  • Boundary markers: Absent. The user input is directly concatenated or passed into the message list without delimiters like XML tags or explicit 'ignore embedded instructions' warnings.
  • Capability inventory: The agent can invoke tools (search_knowledge_base, get_current_time) and maintain conversation state, though current tools are mocked or benign.
  • Sanitization: Absent. No escaping or validation is performed on the input string before it is passed to the LLM.
  • [SAFE] (SAFE): No hardcoded credentials, malicious network exfiltration, or obfuscated code patterns were found in the script.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:49 PM