aps-doc-staging
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill is designed to ingest and analyze untrusted data from a local codebase, specifically targeting .sql, .yml, and .dig files.
  - Ingestion points: File content from user-provided directory paths, including SQL transformations and workflow definitions.
  - Boundary markers: Lacks explicit delimiters or instructions to ignore potential commands embedded within the analyzed code files.
  - Capability inventory: Requires file reading capabilities to perform analysis on SQL scripts, configuration files, and workflow definitions.
  - Sanitization: No evidence of content validation or sanitization is defined for the data extracted from the codebase before it is incorporated into the documentation output.