godot
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The scripts validate_tres.py and validate_tscn.py read local Godot files and output extracted data to the agent context.
  - Ingestion points: scripts/validate_tres.py (line 33) and scripts/validate_tscn.py (line 33) ingest untrusted file content via the read_text() method.
  - Boundary markers: No delimiters or explicit instructions are used to separate untrusted file content from the script's output results.
  - Capability inventory: The scripts are limited to standard library regex processing and stdout display; they do not have network access or file-writing capabilities.
  - Sanitization: Content extracted from files, such as node names or resource IDs, is printed directly to the console without validation or escaping.
  - Risk: Maliciously crafted file content (e.g., node names containing instructions) could attempt to influence the agent's behavior through the validation output.
Audit Metadata