wwas
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill includes Python scripts (backlog_alignment_checker.py, invest_gate_checker.py, and wwas_quality_scorer.py) that parse external JSON backlog data. This creates a surface for indirect prompt injection where malicious instructions within data fields could be reflected in the tools' output reports.
- Ingestion points: Data is ingested via the --backlog and --items CLI arguments in the scripts.
- Boundary markers: No delimiters are used to separate the ingested data from the report output.
- Capability inventory: Scripts are limited to read-only operations on input files and standard output.
- Sanitization: No sanitization or escaping of the input data is performed before inclusion in reports.
Audit Metadata