format
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the
Bashtool to execute live parsing examples on user-provided.castfiles. This is a functional requirement for demonstrating how to parse the NDJSON format using tools likejq. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from external files.
- Ingestion points: User-provided files via the
-f/--fileargument inSKILL.md. - Boundary markers: None identified; the skill does not explicitly instruct the agent to ignore instructions embedded within the
.castfiles. - Capability inventory: Uses the
Bashtool to run parsing commands. - Sanitization: No explicit sanitization or validation of the input file's content or structure is mentioned beyond a troubleshooting note for invalid NDJSON.
Audit Metadata