output-sanitizer
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implements automated redaction of sensitive patterns (API keys, PII) from agent output, serving as a defensive security layer.\n- [SAFE]: The module operates with minimal privileges, explicitly disabling network access, shell execution, and file writing permissions.\n- [PROMPT_INJECTION]: (Indirect Prompt Injection Surface):\n
- Ingestion points: The skill processes arbitrary text generated by other agent modules (SKILL.md).\n
- Boundary markers: No explicit delimiters or ignore-instructions are used to isolate scanned content.\n
- Capability inventory: The skill has no network, shell, or write permissions, preventing any meaningful escalation.\n
- Sanitization: The skill serves as the sanitization layer itself, though it lacks specific logic to detect instructions meant to bypass redaction.
Audit Metadata