flight-planner
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Python scripts (flight_time.py and m365cal.py) to perform flight timing calculations and integrate with Microsoft 365 calendar services. These scripts are invoked with parameters derived from natural language parsing.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface in its handling of user-provided flight route data.
- Ingestion points: Airport identifiers and route sequences (e.g., 'HSV to JWN') are extracted directly from untrusted user requests.
- Boundary markers: The instructions do not define delimiters or 'ignore embedded instructions' warnings for the variables interpolated into the shell command strings.
- Capability inventory: The agent can execute subprocesses via the shell and interact with external calendar APIs to create entries.
- Sanitization: The workflow lacks explicit validation, escaping, or sanitization logic for the route strings (KDEP, KARR, etc.) before they are utilized as command-line arguments.