ajtbd-rat
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) because it ingests data from external files to generate its report.
- Ingestion points: The skill reads data from
.ajtbd/segments.mdand.ajtbd/job-graph.mdusing the Read tool. - Boundary markers: There are no explicit delimiters or instructions to the model to ignore potential commands embedded within the input files.
- Capability inventory: The skill has access to the
Bash,Write, andWebSearchtools, which could be leveraged if the model is misled by malicious content in the source files. - Sanitization: No sanitization or validation of the input file content is performed before processing.
Audit Metadata