luma-event-attendees
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the ingestion of untrusted external data.
- Ingestion points: scripts/apify_client.py fetches event details and user profiles (bios, names, titles) from Luma via direct scraping or the Apify API.
- Boundary markers: The scraped content is outputted to the console or files (CSV/JSON) without delimiters or warnings to the agent to disregard instructions within the data.
- Capability inventory: scripts/scrape_event.py includes file-writing capabilities (write_csv, write_json) and network access (via the requests library), which could be abused if an agent follows instructions hidden in scraped bios.
- Sanitization: No sanitization or validation is performed on the scraped text strings before they are returned to the agent.
Audit Metadata