migrate-segw-to-rap

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface because it reads and parses legacy ABAP source code (MPC and DPC classes) to derive data models and logic for migration.
    • Ingestion points: Data is ingested via SAPRead calls in Phase 2 and 3 (SKILL.md).
    • Boundary markers: There are no defined delimiters or instructions to ignore potential instructions embedded within the ingested source code.
    • Capability inventory: The skill has access to SAPWrite and SAPActivate tools, which it uses to create new system objects based on the ingested data.
    • Sanitization: The skill parses the input for specific method signatures but does not explicitly sanitize the source code text before use in generation.
  • [COMMAND_EXECUTION]: The skill uses shell-based curl commands in Phase 7 to baseline the legacy service and test the new RAP service. These commands interact with local SAP OData endpoints and handle session cookies and authentication headers.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 02:05 PM
Security Audit — agent-trust-hub — migrate-segw-to-rap