utility-components
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
- [Dynamic Execution] (MEDIUM): The Expression Parser documented in
reference/2-expression-parser.mdimplements a custom DSL for logic evaluation and variable substitution. This constitutes runtime interpretation of strings, which can be exploited if the parser is not strictly sandboxed or allows unauthorized access to underlying system functions. - [Indirect Prompt Injection] (LOW): The expression parsing mechanism accepts untrusted data as input, creating a potential injection surface.
- Ingestion points: Variables and expression strings passed to
evaluateConditioninreference/2-expression-parser.md. - Boundary markers: None explicitly defined in the provided implementation snippets.
- Capability inventory: Supports logical operations (
eq,and), string manipulation (contains,startsWith), and variable expansion. - Sanitization: The documentation includes a checklist item to 'avoid executing untrusted expressions,' but no implementation-level sanitization (e.g., allow-listing or depth limiting) is demonstrated.
- [Credentials Exposure] (SAFE):
reference/1-jwt-security.mduses a placeholder${JWT_SECRET:your-secret-key}for its configuration, which is a standard practice and not a security risk.
Audit Metadata