pipeline-auditor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill executes a local Python script at .codex/skills/pipeline-auditor/scripts/run.py. This is a core component of its auditing functionality and poses no inherent risk in this context.
- PROMPT_INJECTION (LOW): The skill processes untrusted data from output/DRAFT.md, creating a surface for indirect prompt injection.
  - Ingestion points: output/DRAFT.md.
  - Boundary markers: Not specified in the skill definition.
  - Capability inventory: The skill can execute local code and write to the output/ directory.
  - Sanitization: Not specified.
  This finding is classified as LOW as it represents a theoretical vulnerability surface common to document processing skills.
Audit Metadata