rails-activity-timeline

Warn

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill recommends installing the raix-rails gem (https://github.com/OlympiaAI/raix-rails) to enable AI summarization features. This dependency originates from an external organization that is not on the trusted vendor list.
  • [PROMPT_INJECTION]: The AI summarization implementation in references/ai-summaries.md is susceptible to indirect prompt injection.
      • Ingestion points: Data from model fields (event.field_name, event.from_field_value, event.to_field_value) is interpolated directly into the LLM prompt in ActivitySummaryGenerator.
      • Boundary markers: The implementation uses a system prompt to define the output format, which provides a weak boundary that does not prevent the model from following malicious instructions embedded in the input data.
      • Capability inventory: The generated summary is stored in the database (ActivityEvent#details['summary']) and automatically broadcast to connected users via Turbo Streams, creating a vector for displaying malicious content or performing downstream attacks.
      • Sanitization: The input data is truncated to manage length, but the implementation lacks specific sanitization or filtering to neutralize prompt injection payloads within the trackable model's fields.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 24, 2026, 09:58 PM