arktype-validation
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill documents methods for processing untrusted external data, such as parsing JSON strings using
string.json.parseor validating environment variables viaarkenv. While the library's primary purpose is to provide robust validation and sanitization, the agent should remain aware that validated data could still contain malicious payloads intended to influence downstream logic if the data is subsequently used in prompt construction. - Ingestion points: External data is ingested through validation schemas and environment variable loaders as shown in
references/common-patterns.md. - Boundary markers: No specific delimiters or boundary markers are suggested for separating the validated data from other prompt instructions.
- Capability inventory: The skill enables deep validation, recursive type checking, and automatic type coercion of system environment variables.
- Sanitization: The skill's primary focus is sanitization and validation through its schema-driven architecture.
Audit Metadata