robotframework-keyword-builder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted JSON data to generate Robot Framework keyword blocks. While it does not sanitize inputs or use boundary markers, the script itself does not execute the generated code or possess any dangerous capabilities (e.g., network or shell access), making the risk inherent to its function as a code generator. \n
- Ingestion points:
scripts/keyword_builder.pyvia the--inputflag or stdin. \n - Boundary markers: Absent; input strings are interpolated directly into the keyword template. \n
- Capability inventory: The script is limited to string processing and read-only directory walking for syntax detection. \n
- Sanitization: None.
Audit Metadata