standards-crosswalk-mapper
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): Indirect Prompt Injection Surface.
- Ingestion points: The
contentparameter inskill.pyaccepts untrusted data which is then included in the output. - Boundary markers: Absent. The skill does not use delimiters or instructions to the agent to ignore embedded commands within the processed content.
- Capability inventory: Low risk. The skill only returns a structured dictionary and does not currently possess sensitive capabilities like file writing, network access, or subprocess execution.
- Sanitization: Absent. No validation or sanitization is performed on the
contentinput. - [Metadata Poisoning] (MEDIUM): Deceptive Metadata.
- The
SKILL.mdfile documents a complex CLI interface with numerous flags (e.g.,--framework-a,--integrate,--migration-guide) that are entirely unimplemented in theskill.pysource code. This significant discrepancy between stated and actual behavior is a red flag for tool reliability and could be used to deceive users about the agent's actual processing logic.
Audit Metadata