migma-public-api
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill documents features for importing external data and generating content based on user prompts, which establishes a surface for indirect prompt injection. This risk occurs when untrusted data contains instructions that could influence the agent's behavior.
- Ingestion points: The skill documentation in
SKILL.mddetails processes for importing contact data and generating emails from prompts. - Boundary markers: No specific delimitation or isolation techniques are mentioned to distinguish between data and instructions.
- Capability inventory: The agent is guided to interact with the Migma API and execute CLI commands for resource management.
- Sanitization: There is no mention of input validation or sanitization requirements for the processed external data.
Audit Metadata