ericsson-ran-features
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The 'audit.py' and 'compare.py' scripts process content from 'references/features.json' and display it in console reports. This ingestion of external data without sanitization or boundary markers creates a surface where malicious instructions in the feature data could influence subsequent agent behavior.
  - Ingestion points: 'references/features.json' (via audit.py and compare.py)
  - Boundary markers: Absent
  - Capability inventory: No dangerous capabilities detected; scripts are limited to data processing and console output.
  - Sanitization: Absent.
- Data Exposure & Exfiltration (LOW): The file '.claude-flow/daemon-state.json' contains absolute directory paths specific to the developer's local environment (e.g., /Users/cedric/...). While not containing credentials, this exposure of local file system structure is a best practice violation in shared skills.
Audit Metadata