working-with-marimo

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection because it processes content from external notebooks.
    * Ingestion points: Notebook cell structure and runtime data are retrieved using mcp_marimo_get_lightweight_cell_map and mcp_marimo_get_cell_runtime_data in SKILL.md.
    * Boundary markers: No markers or instructions are provided to separate data from instructions.
    * Capability inventory: The skill permits file modifications via write and search_replace tools as shown in SKILL.md.
    * Sanitization: No sanitization or verification of cell content is mentioned.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 08:22 AM