process
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted data from external files to generate documentation, creating a surface for indirect prompt injection. * Ingestion points: Material files specified in
download.txtand read via theReadtool. * Boundary markers: Absent; there are no instructions to use delimiters or ignore embedded commands within the processed materials. * Capability inventory: The skill uses aTasktool for parallel execution, aReadtool for file access, writes markdown files to the local system, and executes local Python scripts. * Sanitization: Absent; the skill lacks mechanisms to sanitize or escape ingested content before it is processed by the agent. - [Command Execution] (SAFE): The skill executes local Python scripts (
validate_document.pyand the mentionedword_count.py) for validation. The provided script uses standard libraries and is limited to local file reading and reporting.
Audit Metadata