case-study-builder
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to generate and execute a Python script using matplotlib to create an architecture diagram (architecture.png). It also executes a shell command to run a validation script (validate.py) from a local skill path. These actions are core to the skill's technical functionality.
- [EXTERNAL_DOWNLOADS]: The skill fetches brand assets from a vendor-owned domain (assets.tigerdata.com). This is documented as a legitimate source for official logos.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted user-provided transcripts.
- Ingestion points: Transcripts and documents are ingested via google_drive_fetch and local path reads from /mnt/uploads/ (SKILL.md).
- Boundary markers: None identified; there are no instructions for the agent to use delimiters or ignore instructions embedded within the transcripts.
- Capability inventory: The agent can execute Python scripts and write files to the workspace (SKILL.md).
- Sanitization: No validation or filtering of transcript content is performed before processing.
Audit Metadata