adversarial-prompting
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill is instructed to automatically execute a local Python script scripts/export_analysis.py to save analysis results.
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection (Category 8).
- Ingestion points: The skill processes user-provided problem descriptions and data to generate solutions and critiques.
- Boundary markers: There are no specific delimiters or instructions defined to separate untrusted user input from the skill's operational logic.
- Capability inventory: The skill possesses file-writing capabilities on the local system via the export script.
- Sanitization: The export script performs basic alphanumeric sanitization for the output filename but does not sanitize or escape the content of the analysis before writing it to disk.
- [DATA_EXFILTRATION]: The export script scripts/export_analysis.py targets a sensitive file path by writing files directly to the user's home directory (Path.home()). While intended for report generation, this interaction with a sensitive system path should be monitored.
Audit Metadata