template-engine

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes external data from CSV files and document templates, which creates a surface for indirect prompt injection where malicious instructions could be embedded in the input sources.
    • Ingestion points: Data enters the agent context via template_path and data_csv parameters in the fill_template and mail_merge functions within SKILL.md.
    • Boundary markers: No explicit boundary markers or delimiters are defined to separate instructions from data during template rendering.
    • Capability inventory: The skill has file system write capabilities (doc.save, wb.save, Path.mkdir) and uses the Jinja2 engine for rendering content.
    • Sanitization: There is no evidence of input validation or sanitization for the data processed from CSV or template files.
  • [COMMAND_EXECUTION]: The skill uses the docxtpl library and Jinja2 for template rendering (doc.render(data)). This represents a dynamic execution surface where Server-Side Template Injection (SSTI) could occur if templates are sourced from untrusted users and the Jinja2 environment is not sandboxed.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 05:18 AM