requirements-analysis-plus
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Python scripts (`scripts/run_analysis.py` and `scripts/common_parser.py`) to extract and analyze text from user-provided files. These scripts rely on standard Python libraries such as `zipfile` for Word/Excel files and `xml.etree.ElementTree` for XML parsing.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted requirement data from external files that are then analyzed by the AI agent.
  - Ingestion points: Requirement content is ingested from Word (.docx), Excel (.xlsx), HTML, JSON, and Markdown files via `scripts/common_parser.py`.
  - Boundary markers: Absent. There are no explicit delimiters or instructions provided to the agent to treat the document content as untrusted data or to ignore embedded instructions.
  - Capability inventory: The skill allows the agent to read and write files on the local system (evidenced by `scripts/run_analysis.py` creating output files).
  - Sanitization: Basic character stripping is performed for Markdown files, but no rigorous validation or escaping is applied to ensure document content cannot influence the agent's logic.
Audit Metadata