iso-13485-certification
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes instructions to execute a local Python script (
scripts/gap_analyzer.py) to perform gap analysis on a directory of documents provided by the user. This is a legitimate functional capability for its intended purpose. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to its processing of external, untrusted document content.
- Ingestion points: The
scripts/gap_analyzer.pyscript reads the full text of.txtand.mdfiles and the filenames of other documents within a user-specified directory. - Boundary markers: No explicit delimiters or instructions are provided to the agent to prevent it from obeying instructions that might be embedded within the user's files during analysis.
- Capability inventory: The agent can run local scripts and read file contents to identify QMS requirements, create templates, and provide certification guidance.
- Sanitization: The tool performs keyword searches on document text but lacks explicit sanitization or filtering to prevent natural language commands within those documents from influencing the agent's behavior.
Audit Metadata