iblai-catalog
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection via API data ingestion.\n
- Ingestion points: Retrieves user-generated data (reviews, resource names, and descriptions) from API endpoints defined in
SKILL.md.\n - Boundary markers: None present; the instructions do not define delimiters or provide warnings to ignore embedded instructions within retrieved data.\n
- Capability inventory: The skill allows performing state-changing operations (POST/DELETE) across catalog entities such as courses, programs, and enrollments as described in
SKILL.md.\n - Sanitization: Absent; no validation or escaping of external content is requested before processing.
Audit Metadata