report
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it synthesizes untrusted data from tool outputs without sanitization or boundary markers. Ingestion points: Conversation history and tool outputs (SKILL.md). Boundary markers: Absent. Capability inventory: File writing to the project root (report-YYYY-MM-DD.md). Sanitization: Absent.
- [SAFE]: No other malicious patterns, such as hardcoded credentials, remote code execution, or persistence mechanisms, were found. The skill's access to the filesystem is limited to reading the scope configuration and writing the generated report.
Audit Metadata