sarif-parsing
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in the instructions or the provided helper scripts. The skill focuses strictly on the intended functionality of processing security scan results.
- [PROMPT_INJECTION]: The skill processes SARIF files which may contain untrusted data from external security tools, creating a surface for indirect prompt injection.
  - Ingestion points: Reads SARIF files from the local filesystem via the Read tool or Python scripts (sarif_helpers.py, SKILL.md).
  - Boundary markers: No specific delimiters or "ignore instructions" markers are provided to separate the ingested SARIF content from the agent's context.
  - Capability inventory: The skill uses the Bash, Read, Glob, and Grep tools, allowing for filesystem access and command execution.
  - Sanitization: The Python helper functions use defensive dictionary access but do not implement specific sanitization or escaping for free-text fields like 'message.text' before they are processed by the agent.
- [EXTERNAL_DOWNLOADS]: The documentation references legitimate and well-known utility packages such as pysarif, sarif-tools, and ajv-cli from standard registries. It also points to an official Microsoft Azure validation service.
Audit Metadata