ai-agent
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection vulnerability surface detected. The agent processes data from untrusted external sources which could contain instructions to override system behavior.
  - Ingestion points: Inbound user messages (Architecture), Knowledge Base documents (zavu.senders.agent.knowledgeBases.documents.create), and Webhook responses (zavu.senders.agent.tools.create).
  - Boundary markers: Absent. Example system prompts and flow configurations do not include delimiters or instructions to ignore embedded commands in external data.
  - Capability inventory: The skill enables LLM generation and network requests via configurable webhook URLs.
  - Sanitization: No explicit sanitization or validation of external input is documented.
Audit Metadata