sustainability-summary
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [PROMPT_INJECTION] (MEDIUM): Indirect prompt injection surface via untrusted RSS ingestion.
  - Ingestion points: Reads from `sustainability_rss.db` tables (`entries`, `entry_content`) containing external web content.
  - Boundary markers: None identified; untrusted content is not delimited from agent instructions.
  - Capability inventory: Agent performs summarization and evidence anchoring based on retrieved text.
  - Sanitization: No evidence of validation or sanitization of external data before context construction.
- [COMMAND_EXECUTION] (LOW): Local command execution of a script provided in the skill package.
  - Evidence: `SKILL.md` triggers `python3 scripts/time_report.py`. The script itself was not provided for analysis.
Audit Metadata