travel-health-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes untrusted data from local JSON files.
- Ingestion points: Data is read from
data/travel-health-tracker.jsonanddata-example/travel-health-tracker.json. - Boundary markers: The instructions do not specify the use of delimiters or 'ignore' commands to isolate user data from agent instructions.
- Capability inventory: The skill is limited to
Read,Write,Grep, andGlobtools. It does not have access to network utilities or shell execution, which restricts the impact of any injection. - Sanitization: No validation or sanitization mechanisms for the data file content are described in the skill definition.
Audit Metadata