crewai
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): Potential surface for indirect prompt injection through variable interpolation.
- Ingestion points: User-provided
{topic}is interpolated into agent goals inconfig/agents.yamland task descriptions inconfig/tasks.yaml. - Boundary markers: None; variables are placed directly within instructions without delimiters or explicit 'ignore' instructions for embedded content.
- Capability inventory: The framework is designed for multi-agent coordination and tool use; snippets specifically reference
SerperDevToolandWebsiteSearchToolinagents.yaml. - Sanitization: No sanitization or validation logic is present for the interpolated variables in the provided configuration patterns.
Audit Metadata