apiiro-demonstrate-secure-prompt
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the apiiro guardian secure-prompt command-line utility to process generated security prompts.
- [DYNAMIC_EXECUTION]: Shell commands are constructed at runtime by interpolating strings generated from an analysis of the repository's frameworks, data models, and API patterns.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from local repository files to contextually tailor its generated prompts, which are then passed to a CLI tool.
- Ingestion points: Analyzes local source code, configuration files, and directory structure.
- Boundary markers: Absent; there are no instructions provided to the agent to ignore or delimit potentially malicious instructions embedded within the codebase being analyzed.
- Capability inventory: The skill has the ability to execute shell commands (apiiro guardian secure-prompt) and write to the filesystem (docs/secure-prompt-examples.csv).
- Sanitization: No specific sanitization or escaping logic is defined for the repository content before it is included in command arguments.
Audit Metadata