eda-research
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its reliance on external, untrusted data sources to perform its primary function.\n
- Ingestion points: The workflow incorporates data from the internet via the
WebSearchtool (Step 3) and extracts information from downloaded PDF datasheets viaWebFetch(Step 5).\n - Boundary markers: There are no instructions to use delimiters or ignore potential commands embedded within the retrieved external content, meaning the agent might treat malicious text in a datasheet as legitimate instructions.\n
- Capability inventory: The skill has the capability to
Writeproject documentation and machine-readable BOM files (bom-draft.json), and it can perform modifications to library symbols throughmcp__jlc__library_fixbased on research results.\n - Sanitization: The skill lacks steps to sanitize or validate external content before it is processed or presented to the user, allowing potential injection attacks to propagate through the research summaries or the generated BOM.
Audit Metadata