cja-funnel-health-check

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the Chart.js library from the JSDelivr CDN and style assets from Google Fonts to render the funnel visualization in the generated report. These are well-known and trusted service providers.
  • [COMMAND_EXECUTION]: Uses the open system command to launch the generated HTML funnel report from the /tmp directory. This is standard behavior for presenting visual output to the user.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) because user-provided data, such as funnel and step names, is interpolated directly into the HTML report template without explicit sanitization.
  • Ingestion points: User-provided funnel descriptions and stage names processed in Phase 1.
  • Boundary markers: None identified in the HTML template interpolation.
  • Capability inventory: MCP tools for report execution, file system write access for report generation, and shell command execution via the open utility.
  • Sanitization: No sanitization or escaping of user-provided strings is performed before they are embedded in the HTML output.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 11:50 PM
Security Audit — agent-trust-hub — cja-funnel-health-check