keyword-builder
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes an internal Python script (
keyword_builder.py) located within its package directory to process user input and generate Robot Framework code syntax. - [PROMPT_INJECTION]: The skill provides a surface for potential indirect prompt injection through project file analysis. 1. Ingestion points: Project-level files are read when the
--project-rootflag is enabled. 2. Boundary markers: No delimiters or instructions to disregard embedded commands in ingested files are specified. 3. Capability inventory: The skill executes a Python script and produces structured code output. 4. Sanitization: The instructions do not define methods for sanitizing or validating the data ingested from the project environment.
Audit Metadata