routing-rules-orchestrator
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection through the ingestion of dynamic routing rules and email processing data.
  1. Ingestion points: email_processing/orchestrator.py and routes/api_routing_rules.py.
  2. Boundary markers: No explicit textual delimiters are provided in instructions for data isolation, though strict validation is mandated.
  3. Capability inventory: The skill can modify application code and execute test suites using pytest via the test_routing_rules.sh script.
  4. Sanitization: The skill explicitly requires the use of Marshmallow schema validation and strict operator normalization to prevent malicious inputs from affecting agent logic.
Audit Metadata