render-debug
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection because it processes untrusted external data that can be influenced by attackers.
- Ingestion points:
list_logs()(reading application logs) andquery_render_postgres()(reading database content) as documented inSKILL.mdandreferences/quick-workflows.md. - Boundary markers: Absent; the instructions do not include delimiters or specific guidance for the agent to ignore instructions embedded within retrieved logs or data.
- Capability inventory: The agent has the ability to write to the environment via
update_environment_variables()and execute arbitrary SQL viaquery_render_postgres(), which could be exploited if an injection is successful. - Sanitization: Absent; there is no mention of validating or escaping content before it is processed or used in further actions.
Audit Metadata