tracing-upstream-lineage
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [Data Exposure & Exfiltration] (MEDIUM): The skill instructs the agent to use
go_to_connections_viewto inspect metadata, which may contain sensitive credentials or connection strings. This finding is downgraded from HIGH because it is core to the primary purpose of tracing data sources. - [Indirect Prompt Injection] (LOW): The skill processes untrusted data which could contain malicious instructions. 1. Ingestion points:
get_dag_source_code(Step 2),analyse_dag_latest_run(Step 2), andgo_to_dag_log_view(Step 5). 2. Boundary markers: Absent. 3. Capability inventory: Tools for listing DAGs, reading source code, and inspecting task logs. 4. Sanitization: Absent.
Audit Metadata