trace-qa
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes execution traces containing external and potentially untrusted data such as LLM messages and tool outputs. * 1. Ingestion points: Trace content fetched via 'scripts/fetch_trace.py'. * 2. Boundary markers: None specified in the instructions. * 3. Capability inventory: The skill performs subprocess execution of a local Python script. * 4. Sanitization: Unverifiable as the script content is missing from the provided files.
- [Unverifiable Dependencies] (LOW): The skill's core functionality relies on 'scripts/fetch_trace.py', which was not provided for analysis. This prevents verification of the script's command-line argument handling and potential for internal security issues.
Audit Metadata