experiment-journal
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by ingesting untrusted data. Ingestion points:
results-summary.json,run-config.json, and dynamic paths from logs. Boundary markers: Raw data in the appendix uses code blocks, but analysis sections interpolate content without delimiters. Capability inventory: File read/write. Sanitization: Absent. - [DATA_EXFILTRATION]: The skill dynamically resolves file paths from configuration files. This could allow a malicious file to point the agent toward sensitive data.
- [DATA_EXFILTRATION]: Output file paths are constructed using variables like experiment name. A lack of sanitization could lead to path traversal vulnerabilities when writing journal files.
Audit Metadata