setup-abap-mirror

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection. It retrieves source code and object definitions from an external SAP system via the SAPRead tool and stores them on the local filesystem. This untrusted content could contain embedded instructions that influence the agent's behavior if it later reads or processes the mirrored files.
    • Ingestion points: SAP object data (source code, definitions) fetched via SAPRead primitives in Step 2.
    • Boundary markers: The skill does not wrap the files written to disk in delimiters or add instructions to ignore embedded content.
    • Capability inventory: The skill uses file system write operations to create and update the local mirror.
    • Sanitization: No sanitization or safety validation is performed on the incoming ABAP source code or metadata before storage.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 02:05 PM
Security Audit — agent-trust-hub — setup-abap-mirror