minimal-run-and-audit

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing external reproduction context and writing it unsanitized into report files.
      * Ingestion points: The scripts/write_outputs.py script reads untrusted data from a JSON file provided via the --context-json argument.
      * Boundary markers: The generated Markdown and JSON report files do not use delimiters or instructions for the agent to ignore embedded instructions.
      * Capability inventory: The skill is intended to execute shell commands and perform repository modifications as part of reproduction tasks.
      * Sanitization: No escaping or validation is performed on the data values before they are written to the output directory.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 02:59 PM