tests-prod-run-prod-tests
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill is designed to compile reports based on the output of sub-skills that interact with external web content.
- Ingestion points: The skill processes output from sub-skills
tests-prod-test-bitly-linksandtests-prod-test-prod-site-linkswhich fetch data from the live site (SKILL.md). - Boundary markers: No delimiters or instructions to ignore potential commands within the external data are present in the summary instructions.
- Capability inventory: The skill uses tools with command execution capabilities, specifically
BashandTask(SKILL.md). - Sanitization: The skill lacks logic to sanitize or validate the data ingested from external sources before it is interpreted by the agent and formatted into the final report.
Audit Metadata