cja-executive-briefing
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the system
opencommand in Phase 7 to display the generated HTML briefing file to the user. - [EXTERNAL_DOWNLOADS]: The HTML template in Phase 6 references font and styling assets from Google's official font services (fonts.googleapis.com and fonts.gstatic.com).
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes external data from CJA and interpolates it into an HTML template.
- Ingestion points: Data is ingested through
describeCja(Phase 1) andrunReport(Phases 3 and 4) tool calls. - Boundary markers: None are present in the HTML template or instructions.
- Capability inventory: The skill can write files to the
/tmpdirectory and execute theopencommand. - Sanitization: No explicit sanitization or escaping of the ingested API data is defined before interpolation into the HTML report.
Audit Metadata