api-enrichment
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for Indirect Prompt Injection. It ingests data from external sources (spec.md and user-provided OpenAPI documentation) and uses it to generate output specifications without explicit boundary markers or instructions to the model to treat the input as untrusted data.
- Ingestion points: File spec.md (read in Step 1) and external api_documentation (URL or JSON read in Step 2a).
- Boundary markers: Absent; the instructions do not include delimiters or specific warnings to ignore instructions embedded within the source files.
- Capability inventory: The skill produces a markdown document (enriched-spec.md). No scripts for system command execution, local file system modification (other than standard output), or direct network exfiltration were identified.
- Sanitization: The skill does not implement validation or sanitization for the content of the ingested specification data.
Audit Metadata