analysis-history
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute python3 scripts to process and compare historical artifacts such as state.json, report.md, and metadata.json found in the runtime tree.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by processing data from previous analysis runs that may contain content from untrusted external sources.
  1. Ingestion points: Reads artifact files (state.json, report.md) from the runtime 'runs/' tree.
  2. Boundary markers: Absent; there are no specific instructions or delimiters defined to prevent the agent from obeying instructions embedded within these historical files.
  3. Capability inventory: The skill has access to file system tools (Read, Glob) and the ability to execute code via Bash/Python.
  4. Sanitization: Absent; the skill does not explicitly define methods for sanitizing or escaping the content of the historical artifacts before they are presented to the agent.
Audit Metadata