json
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill enables processing of external JSON data, which serves as a surface for indirect prompt injection.\n
- Ingestion points: The skill instructions demonstrate reading from local files like
data.json.\n - Boundary markers: There are no explicit instructions or delimiters used to ensure the agent ignores natural language instructions embedded within the JSON data.\n
- Capability inventory: The skill utilizes
Bash(forjq),Write(for CSV generation), andPython(for validation and transformation).\n - Sanitization: The skill demonstrates structural schema validation but does not include content-level sanitization to filter or escape potentially malicious strings within the processed data.
Audit Metadata