UtilitySkills

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE | PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface (Category 8)
      • Ingestion points: Untrusted data enters the agent context through the report object, specifically via fields like one_line_decision and recommended_action in the export_to_pdf and export_to_markdown functions (SKILL.md).
      • Boundary markers: No delimiters or explicit instructions tell the agent or the processing functions to ignore instructions embedded in the report data.
      • Capability inventory: The skill can write files through the output_path parameter, using the reportlab.platypus.SimpleDocTemplate class (SKILL.md).
      • Sanitization: The provided Python examples implement no sanitization, validation, or escaping logic to filter malicious instructions in the source data.
  • [SAFE]: Dependency usage
      • The skill relies on well-known, industry-standard Python libraries including reportlab, matplotlib, Pillow, and pydantic for its core functionality. These dependencies are fetched from official registries and are considered safe for the intended purpose of document and graph generation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 06:34 AM