idor-testing
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill defines a workflow for analyzing data from external web targets, which establishes a surface for indirect prompt injection where malicious content from a target could influence the agent.\n
- Ingestion points: Target URLs and API responses (documented in SKILL.md).\n
- Boundary markers: No specific delimiters are used to separate target data from the agent's instructions.\n
- Capability inventory: The agent is instructed to perform HTTP requests and parameter manipulation based on target feedback.\n
- Sanitization: No sanitization of external server responses is mentioned.\n- [NO_CODE]: The skill consists only of markdown documentation and contains no executable scripts or binaries.
Audit Metadata