dark-social-attributor
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from GA4/GSC exports and user surveys. Evidence: 1. Ingestion points: GA4/GSC exports, form inventory, survey answers in SKILL.md. 2. Boundary markers: Present (explicit instruction to treat as untrusted and ignore embedded commands). 3. Capability inventory: Execution of local python script and file writes to memory directories. 4. Sanitization: Relies on instruction-based filtering.
- [COMMAND_EXECUTION]: Executes a local script
scripts/connectors/pageviews.pyto fetch Wikipedia pageview statistics. This operation is limited to a specific task using a local file and does not involve arbitrary user input.
Audit Metadata