audn-vuln-monitor

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and displays potentially untrusted data from an external API (vulnerability findings and conversation transcripts). If this data contains malicious instructions, it could attempt to influence the agent's subsequent actions.
    • Ingestion points: Content is retrieved from API endpoints defined in SKILL.md.
    • Boundary markers: The skill does not define clear delimiters or use 'ignore instructions' guards when presenting the external data in the summary or detailed views.
    • Capability inventory: The skill is configured to perform network read operations to fetch data from the vendor's API.
    • Sanitization: There is no mention of sanitizing or validating the incoming data from the API before it is presented to the agent context.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 04:43 PM