ai-service-layer
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill documents patterns for interpolating user input directly into AI prompts using templates, which creates a surface for indirect prompt injection.
- Ingestion points: Input parameters for generate_text and text_to_sql in SKILL.md.
- Boundary markers: No clear delimiters or instructions to ignore embedded commands are present in the code examples.
- Capability inventory: The skill facilitates text generation and SQL query creation.
- Sanitization: No input validation or escaping mechanisms are described in the implementation guidance.
- [EXTERNAL_DOWNLOADS]: The skill recommends installing @domoinc/toolkit, which is an official library for the Domo business intelligence platform.
Audit Metadata