spring-boot-backend
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill implements an Indirect Prompt Injection surface via a path traversal vulnerability in its file upload logic.
- Ingestion points: PhotoController.java processes MultipartFile inputs from the request.
- Boundary markers: No delimiters or instructions are used to validate or sanitize the filename input.
- Capability inventory: PhotoUploadService.java uses file.transferTo() and PhotoProcessingService.java uses Files.move() to perform filesystem writes.
- Sanitization: Filenames derived from untrusted input (file.getOriginalFilename()) are used directly to construct file paths, allowing an attacker to potentially write files to arbitrary locations by using directory traversal sequences like "../".
- [EXTERNAL_DOWNLOADS]: The skill's configuration examples reference standard, trusted dependencies for Spring Boot Actuator and Springdoc OpenAPI from well-known repositories.
Audit Metadata