vulnerability-management
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (MEDIUM): The skill is susceptible to Indirect Prompt Injection through the ingestion of untrusted external data.
- Ingestion points: VulnerabilityScanner.import_csv() and VulnerabilityScanner.import_nessus_csv() as described in references/REFERENCE.md and SKILL.md.
- Boundary markers: None documented. There are no instructions provided to the agent on how to distinguish between data and embedded instructions within the CSV files.
- Capability inventory: The skill processes this data to generate risk scores, technical reports, and executive summaries (generate_report, generate_risk_report). While it does not perform direct system modifications, its output is intended to drive security decision-making.
- Sanitization: No input validation or sanitization routines are mentioned for the fields imported from CSV files (e.g., 'description' or 'solution').
- Risk: An attacker who can influence a vulnerability scan result could insert instructions into vulnerability descriptions to trick the agent into misrepresenting the severity of issues or hiding specific findings from remediation reports.
Audit Metadata