mitm-find-pii
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it requires the agent to parse and interpret untrusted content from network traffic logs (
log.txt). An attacker-controlled server could include malicious instructions in an API response which, when captured in the log, might be executed by the agent during analysis. - Ingestion points: The agent is explicitly instructed to analyze the content of
log.txtin the current directory. - Boundary markers: The skill lacks delimiters or explicit instructions to the agent to treat the log content as data-only and ignore any embedded commands.
- Capability inventory: While the skill provides analysis guidelines, the agent's own toolset (file system access, terminal execution) remains available and could be targeted by instructions hidden in the traffic dump.
- Sanitization: The skill provides no mechanism for sanitizing or filtering the traffic data before it is processed by the agent.
Audit Metadata