data-pipeline

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to process data from external, untrusted sources, making it vulnerable to indirect prompt injection.
    • Ingestion points: Extracts data from Shopify, Stripe, PostgreSQL, MySQL, MongoDB, and files (CSV, Excel, JSON) as documented in SKILL.md.
    • Boundary markers: The templates do not define delimiters or instructions to ignore commands that may be embedded within the source data.
    • Capability inventory: Utilizes tools including api_fetch, database_query, and file_transform to process and move data.
    • Sanitization: No logic is provided to sanitize or validate external content before it is processed or passed to subsequent stages.
  • [DATA_EXFILTRATION]: The skill enables data movement between various external platforms and performs network operations to non-whitelisted domains such as api.example.com. Although this is the primary intended functionality, it constitutes a data exposure surface when combined with external data ingestion.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 05:17 AM