prowler-sdk-check
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
- PROMPT_INJECTION (LOW): Indirect Prompt Injection risk identified through the capability to ingest untrusted data.
  - Ingestion points: `WebFetch` and `WebSearch` tools allow the agent to retrieve content from external websites.
  - Boundary markers: No explicit delimiters or 'ignore embedded instructions' warnings are provided to prevent the agent from obeying instructions found in external data.
  - Capability inventory: The agent has access to `Bash`, `Write`, `Edit`, and `Task` tools, which provide a high-privilege execution environment for potential exploitation.
  - Sanitization: There are no instructions for the agent to sanitize or validate external input before using it in shell commands or file creation.
- COMMAND_EXECUTION (SAFE): The skill utilizes shell commands such as `mkdir`, `touch`, and `poetry run` to set up file structures and test security checks. These actions are consistent with the intended primary purpose of the skill and are restricted to the local development environment.
- CREDENTIALS_UNSAFE (SAFE): No hardcoded API keys, tokens, or credentials were found. CLI examples correctly use placeholders (e.g., `<bucket_name>`) for sensitive parameters.
Audit Metadata