incremental-load-setup
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill presents a high-risk attack surface for indirect prompt injection. 1. Ingestion points: Data pipeline configurations and ETL patterns from user requests or external files are processed by the agent. 2. Boundary markers: No delimiters or instructions are present to differentiate untrusted data from system instructions. 3. Capability inventory: Includes high-privilege tools such as Bash, Write, and Edit. 4. Sanitization: None; the skill does not include steps to sanitize or validate the external content before processing.
- [COMMAND_EXECUTION] (MEDIUM): The skill explicitly requests the Bash tool. This capability, while relevant to the skill's purpose, allows for arbitrary command execution which can be leveraged if an injection attack occurs.
Recommendations
- AI detected serious security threats
Audit Metadata