api-enrichment

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for Indirect Prompt Injection. It ingests data from external sources (spec.md and user-provided OpenAPI documentation) and uses it to generate output specifications without explicit boundary markers or instructions to the model to treat the input as untrusted data.
  • Ingestion points: File spec.md (read in Step 1) and external api_documentation (URL or JSON read in Step 2a).
  • Boundary markers: Absent; the instructions do not include delimiters or specific warnings to ignore instructions embedded within the source files.
  • Capability inventory: The skill produces a markdown document (enriched-spec.md). No scripts for system command execution, local file system modification (other than standard output), or direct network exfiltration were identified.
  • Sanitization: The skill does not implement validation or sanitization for the content of the ingested specification data.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 04:35 PM
Security Audit — agent-trust-hub — api-enrichment