hummingbird
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- Data Exposure & Exfiltration (HIGH): The 'File Downloads' code snippet in 'references/routing.md' is vulnerable to path traversal. The application takes a user-controlled parameter 'filename' and concatenates it directly into a file system path ('files/(filename)') which is then passed to 'FileIO.readFile'. An attacker can use directory traversal sequences like '../../' to escape the intended directory and read sensitive files such as '/etc/passwd' or configuration files.
- Indirect Prompt Injection (HIGH): This skill defines a vulnerable surface for indirect injection by allowing untrusted external input (URL parameters) to influence high-privilege operations (file system access) without sufficient security controls. [Ingestion points]: URL path parameter 'filename' in 'references/routing.md'. [Boundary markers]: None. [Capability inventory]: 'FileIO.readFile' (File Read). [Sanitization]: Absent; the example lacks path normalization, validation, or an allow-list of permitted files.
Recommendations
- AI detected serious security threats