json-config-helper

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill is intended to process external and potentially untrusted JSON data from configuration files (e.g., package.json, Docker configs, .vscode settings).
      • Ingestion points: Instructions explicitly list reading and processing multiple external JSON file types.
      • Boundary markers: There are no instructions for the agent to use delimiters or ignore instructions that might be embedded within the JSON values being processed.
      • Capability inventory: The skill relies on the 'jq' tool for command execution, which could be misused if the agent is tricked by malicious content inside a JSON file.
      • Sanitization: No sanitization or schema enforcement is provided to ensure the input data does not contain malicious instructions.
  • Remote Code Execution (SAFE): No remote scripts or unverified dependencies are downloaded or executed. The skill only references the common utility 'jq'.
  • Data Exfiltration (SAFE): No patterns for exfiltrating sensitive data or accessing credentials were found.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:08 PM