compliance-checker
Warn
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform automated scanning of the filesystem and codebase, which is a core function of the audit methodology.
- [DATA_EXFILTRATION]: The skill includes instructions to search for and identify sensitive file paths and data types, including personally identifiable information (PII), protected health information (PHI), and cardholder data (CHD). It specifically targets sensitive configuration files and secrets such as .env, secrets.*, and cryptographic keys (*.pem, *.key, *.cert).
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it is designed to ingest and process untrusted data from the codebase being audited.
  - Ingestion points: Files within the target environment are read using the Read, Glob, Grep, and Bash tools.
  - Boundary markers: The instructions do not specify the use of delimiters or warnings to isolate processed content from the agent's instructions.
  - Capability inventory: The skill provides access to Bash and Write tools, which could be exploited if malicious instructions were encountered within the audited data.
  - Sanitization: There are no documented mechanisms for sanitizing or validating content read from external files before processing.
Audit Metadata