annotations
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Employs SQL mutations (UPDATE, INSERT, DELETE) to manage IDA Pro database content such as function summaries, variable names, and bookmarks. The skill configuration also permits the use of the Bash tool.
- [PROMPT_INJECTION]: Analyzed the indirect prompt injection surface.
  1. Ingestion points: Reads function names, comments, and pseudocode from database tables (SKILL.md).
  2. Boundary markers: No delimiters or explicit warnings for embedded data.
  3. Capability inventory: Bash tool and SQL mutation access.
  4. Sanitization: No sanitization logic for ingested database content.
- [SAFE]: No obfuscation techniques, hardcoded credentials, or unauthorized network operations were identified.