cja-funnel-health-check
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the Chart.js library from the JSDelivr CDN and style assets from Google Fonts to render the funnel visualization in the generated report. These are well-known and trusted service providers.
- [COMMAND_EXECUTION]: Uses the
opensystem command to launch the generated HTML funnel report from the/tmpdirectory. This is standard behavior for presenting visual output to the user. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) because user-provided data, such as funnel and step names, is interpolated directly into the HTML report template without explicit sanitization.
- Ingestion points: User-provided funnel descriptions and stage names processed in Phase 1.
- Boundary markers: None identified in the HTML template interpolation.
- Capability inventory: MCP tools for report execution, file system write access for report generation, and shell command execution via the
openutility. - Sanitization: No sanitization or escaping of user-provided strings is performed before they are embedded in the HTML output.
Audit Metadata