openGDPR
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data from source code files and user interview responses to generate compliance reports. This behavior creates a vulnerability to indirect prompt injection, where malicious instructions embedded in code comments or documentation could attempt to manipulate the AI's evaluation logic or report output.
- Ingestion points: Files read by the scripts/scan_codebase.py script and text provided during the guided interview.
- Boundary markers: The system lacks explicit delimiters or instructions to treat ingested data as non-executable text, which increases the risk of the model obeying instructions found within the scanned files.
- Capability inventory: The skill has the capability to read local files and generate narrative reports based on their content.
- Sanitization: There is no evidence of sanitization or validation of the input data before it is processed by the AI for compliance checking.
Audit Metadata