batch-request-handler
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (MEDIUM): High attack surface identified. Ingestion points: External 'batch request' data from API integrations. Boundary markers: None defined in instructions. Capability inventory: Bash, Write, Edit, Grep. Sanitization: None specified. This combination creates a Tier HIGH risk where malicious instructions embedded in external batch data could be executed via Bash.
- [Command Execution] (MEDIUM): The skill configuration explicitly allows the use of the
Bashtool. Granting shell access for an automation task involving external data is a high-risk configuration that can be leveraged if the agent is compromised by malicious input. - [No Code] (INFO): The analyzed content is limited to the
SKILL.mdfile. No supporting scripts or implementation logic were provided to verify how data is handled or sanitized at runtime.
Audit Metadata