quarto-alt-text
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill requires the agent to read and interpret data from untrusted Quarto (.qmd) files to generate alt-text. These files could potentially contain malicious instructions intended to manipulate the agent's behavior.
- Ingestion points: Content from .qmd files accessed through file reading and search operations (grep).
- Boundary markers: The skill does not define clear delimiters or instructions to treat the analyzed file content as untrusted.
- Capability inventory: Local file system access and shell command execution (grep) are used to locate and read data.
- Sanitization: No sanitization or validation of the file content is performed before it is added to the context.
Audit Metadata