apastra-eval

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
Finding category: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface, as it interpolates untrusted data from local files into prompt templates.
  • Ingestion points: Data is loaded from JSONL and YAML files in the promptops/ directory (e.g., promptops/datasets/*.jsonl, promptops/evals/*.yaml).
  • Boundary markers: Missing; the skill uses direct template variable substitution ({{variable}}) without explicit delimiters or safety instructions to ignore embedded commands.
  • Capability inventory: The agent can read and write files within the project scope (such as in promptops/runs/ and derived-index/baselines/) and invoke model calls.
  • Sanitization: No validation or sanitization is performed on external test case inputs before they are processed by the model.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 28, 2026, 06:33 PM