troubleshooting-rca
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection vulnerability surface detected.
- Ingestion points: The skill explicitly ingests untrusted data including logs, stack traces, and error messages as part of the RCA procedure (SKILL.md).
- Boundary markers: Absent. No delimiters or instructions are provided to the agent to treat external log content as data rather than instructions.
- Capability inventory: The skill is configured with
Bash(*)andRead FileSearch(*)capabilities, which provide a high-impact target for an injection attack via log content. - Sanitization: Absent. There is no requirement or guidance for the agent to sanitize or escape the content of the logs before analysis or test execution.
Audit Metadata