stac-custom-extensions
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (LOW): In d ir ec t Prom pt In jec t ion sur f ac e via local fil e in g est ion. Ev id en ce Chain : 1. In g est ion poin t s:
check_par ser _r eg is t r at ion .pyread s con t en t fr om a user -pr o vid e d--m ain -d ar tfil e pat h . 2. Bou n d ar y m ar k er s: Absen t ; no st r uc t ur e d del im it er s or in s t r uc t ion s t o in s ul at e t h e ag en t fr om em bed d e d in s t r uc t ion s wit h in t h e r ead fil e s ar e m en t ion ed . 3. Capabil it y in ven t or y: Python scr ip t s per f or m fil e -w r it e op er at ion s an d t em pl at e r en d er in g t o a user -sp ec if ie d--ou t -d ir. 4. San it iz at ion : No san it iz at ion or val id at ion of in g est e d con t en t is des c r ib e d . - [COMMAND_EXECUTION] (SAFE): Th e skil l ut il iz e s local Python scr ip t s locat e d wit h in it s ow n pack ag e for scaffol d in g pur p os e s. No rem ot e dow n load s, un t r ust e d dep en d en cie s, or h ig h -sev er it y com m an d ex ec ut ion pat t er n s wer e det ec t ed .
Audit Metadata