ai-decomposing-tasks
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted input data (medical reports, invoices, resumes) through an LLM. This creates a surface for indirect prompt injection. 1. Ingestion points: 'report' in MedicalReportExtractor, 'invoice_text' in InvoiceExtractor, 'resume_text' in ResumeParser (File: examples.md). 2. Boundary markers: Absent; text is passed directly without delimiters. 3. Capability inventory: No dangerous capabilities like shell access or file writes found in the examples. 4. Sanitization: Absent; no input validation or escaping is performed on the source text.
Audit Metadata