rgaa
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection because it is designed to ingest and analyze untrusted data (user-provided HTML/React code) and then perform actions (writing a report file).
- Ingestion points: Untrusted code enters the agent's context through the instructions in
SKILL.mdwhich direct the agent to 'Analyze the code provided'. - Boundary markers: The skill lacks explicit boundary markers or instructions telling the agent to treat the provided code as data only and to ignore any natural language instructions that may be embedded within it.
- Capability inventory: The agent has the capability to create directories and write files to the local file system (creating the
audits/folder and writing.mdreports), as specified in the 'Export du rapport' section ofSKILL.md. - Sanitization: There is no mention of sanitizing or escaping the input code before it is processed by the agent.
Audit Metadata