mitm-find-callback
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes
log.txt, which contains raw network traffic captured viamitmdump. This external data is untrusted and could be crafted by an attacker to contain malicious instructions designed to mislead the agent or influence its analysis of the payment flow. - Ingestion points: Reads
log.txt(captured network traffic dumps). - Boundary markers: None present to distinguish between log content and agent instructions.
- Capability inventory: The agent performs data analysis and generates technical exploit examples based on the log content.
- Sanitization: No validation or sanitization of the log content is performed before processing.
Audit Metadata