table-creation
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from CSV files and pasted text lists.
- Ingestion points: CSV file uploads and pasted company lists (SKILL.md).
- Boundary markers: No delimiters or specific instructions are used to isolate user-provided data from agent logic.
- Capability inventory: The skill performs network requests to the Extruct API (api.extruct.ai) for table and row operations.
- Sanitization: Parsing is limited to domain extraction and deduplication, with no semantic filtering of content.
- [COMMAND_EXECUTION]: The skill executes a shell command to ensure the presence of required environment variables.
- Evidence: Execution of 'test -n "$EXTRUCT_API_TOKEN"' in SKILL.md.
Audit Metadata