edge-signal-aggregator
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by aggregating data from external JSON and YAML files into a human-readable Markdown report.
  - Ingestion points: Data is read from files identified via glob patterns in the `load_json_files` and `load_yaml_files` functions within `scripts/aggregate_signals.py`.
  - Boundary markers: The `generate_markdown_report` function interpolates external title and description strings into the report without using delimiters or instructions to ignore embedded commands.
  - Capability inventory: The script is limited to local file system read/write and directory creation via `pathlib.Path.mkdir` and `open`. It has no network or dynamic execution capabilities.
  - Sanitization: There is no evidence of HTML/Markdown escaping or content validation for the source data before it is formatted into the final output.
Audit Metadata