pydantic-validation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill implements an Indirect Prompt Injection surface.
- Ingestion points:
scripts/validators.pycontainsvalidate_records(), which takes a list of raw dictionaries from an external caller. - Boundary markers: None found. The data is parsed directly into model fields without delimiters or 'ignore' instructions.
- Capability inventory: The skill has access to
Bashand file system tools (Read,Write,Edit) as defined inSKILL.md. This could allow an attacker who controls the data being validated to attempt to influence the agent's next actions or command parameters if the output of these validations is piped into other tools. - Sanitization: No sanitization or escaping of string inputs is performed before they are processed by the agent or printed to the console via
print_validation_errors.
Audit Metadata