ln-652-transaction-correctness-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It ingests untrusted data by reading and analyzing codebase files and database migrations. An attacker could embed malicious instructions within the audited source code or migration comments to influence the agent's behavior.
- Ingestion points: Reads files from the codebase root and migration directories (e.g.,
alembic/versions/,migrations/) usingGrepandReadtools. - Boundary markers: No explicit delimiters or instructions to ignore embedded content are used when the agent processes file contents.
- Capability inventory: Uses
Bash,Grep,Read, andGlobtools and has the authority to write structured reports to the file system. - Sanitization: No sanitization or validation of the content ingested from files is specified.
Audit Metadata