writing-scripts
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill documents functionality for hooks such as
handleRequestandpreMapthat process data from external HTTP requests and data pipelines. This represents a potential surface for indirect prompt injection if the processed data contains malicious instructions. - Ingestion points: HTTP request bodies/headers in
handleRequestand record arrays in pipeline hooks (documented in SKILL.md). - Boundary markers: No specific boundary markers or instruction-ignoring warnings are defined in the provided instructional snippets.
- Capability inventory: Scripts have access to the
integrator-apimodule for platform resource management andsjclfor cryptographic operations. - Sanitization: The documentation does not explicitly mandate sanitization or validation patterns for incoming external data.
- [COMMAND_EXECUTION]: The skill provides documentation for several
celigoCLI commands used to manage the lifecycle of scripts, such asceligo scripts logs,celigo scripts create, andceligo scripts debug-enable. These are standard administrative tools for the Celigo ecosystem.
Audit Metadata