validating-api-responses
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection surface detected.\n- Ingestion points: API specifications are read from
{baseDir}/api-specs/as specified in SKILL.md.\n- Boundary markers: Absent; there are no instructions for the agent to ignore or delimit embedded instructions in the specifications.\n- Capability inventory: The skill can utilize Read, Write, Edit, Grep, Glob, and Bash(api:validate-*) tools.\n- Sanitization: Absent; no validation or filtering is performed on the ingested content.
Audit Metadata