mitm-find-secrets
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the analysis of untrusted data from network traffic logs (
log.txt), creating an attack surface for indirect prompt injection. - Ingestion points: The agent processes the contents of
log.txt(referenced in SKILL.md), which is generated from external network traffic captures. - Boundary markers: There are no defined delimiters or instructions to help the AI agent distinguish between the log data being analyzed and the task instructions.
- Capability inventory: The skill leverages the agent's ability to read local files and perform pattern matching across captured traffic.
- Sanitization: The instructions do not include steps for sanitizing or escaping the content of the captured traffic before processing it.
Audit Metadata