add-datasource
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection Surface: The skill processes user-defined goals via arguments or interactive questions to select and invoke specialized sub-skills. This creates a surface where external input could potentially influence the agent's routing logic if not properly delimited.
- Ingestion points: Data enters the agent's context through the
$ARGUMENTSvariable and theAskUserQuestiontool in the 'Understand the Goal' section. - Boundary markers: The skill does not currently specify the use of delimiters (such as XML tags or triple quotes) to separate user-provided text from the agent's internal routing instructions.
- Capability inventory: The skill possesses the ability to invoke multiple other skills (e.g.,
/add-dataverse,/add-teams), perform file system modifications (Write,Edit), and execute shell commands (Bash). - Sanitization: There are no explicit steps defined to sanitize or validate the user's response before the agent performs logic branching based on that content.
Audit Metadata