mitm-report
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is designed for documenting security assessment findings. It provides a static template and instructions for manual data collection using the standard mitmproxy tool suite. No automated execution of dangerous commands, network exfiltration, or persistence mechanisms were found.\n- [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection because it instructs the agent to process external data from log files (
log.txt). Content captured in traffic logs (such as malicious HTTP headers or bodies) could attempt to influence the agent's analysis or output when generating the report.\n - Ingestion points: The agent reads and analyzes findings from
log.txtin the current directory.\n - Boundary markers: No explicit delimiters or boundary warnings are provided to separate log data from agent instructions.\n
- Capability inventory: The agent is tasked with summarizing and formatting findings from the log data into a structured report.\n
- Sanitization: There are no instructions or scripts provided to sanitize or validate the content of the log files before processing.
Audit Metadata