tempo
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest documentation and source code from external sources which may contain malicious instructions designed to influence the agent.
- Ingestion points: External data is fetched from the
docs.tempo.xyzAPI and various GitHub repositories. - Boundary markers: The skill does not provide delimiters or instructions to the agent to ignore embedded commands within the ingested content.
- Capability inventory: The tools provided are limited to read-only search and retrieval, which mitigates the risk of state-changing actions.
- Sanitization: No evidence of content sanitization or filtering was found in the skill definition.
Audit Metadata