privacy-engineering
Pass
Audited by Gen Agent Trust Hub on May 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface (Category 8) because its primary function involves auditing untrusted data sources such as application logs, source code, and database schemas.
- Ingestion points: Data is ingested into the agent context through the use of
Read,Grep, andGlobtools as part of the auditing workflow described in SKILL.md. - Boundary markers: The skill does not provide specific instructions for the agent to use delimiters or ignore embedded instructions when analyzing external data.
- Capability inventory: The agent has access to
Bash,Write, andWebSearchtools, which could potentially be abused if malicious instructions hidden in audited data were executed. - Sanitization: No explicit sanitization or input validation steps are provided for the content being processed during the audit.
Audit Metadata