nutmeg-wrangle
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and process external football datasets (such as JSON, CSV, and Parquet) using tools with high-level capabilities, including
BashandWrite. This architecture creates a vulnerability to indirect prompt injection, where malicious instructions embedded in the data could influence the agent's behavior during data processing tasks. - Ingestion points: Reads football event data, lineups, and match stats from files provided by the user or fetched via tools.
- Boundary markers: The instructions do not specify the use of delimiters or clear directives for the agent to ignore natural language instructions that might be present within the data.
- Capability inventory: The agent has access to
Bash,Write,Read,Glob,Grep, andAgenttools. - Sanitization: There are no explicit requirements or steps provided for sanitizing or validating the data content before it is used in script execution or file operations.
Audit Metadata