frappe-agent-interpreter
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [SAFE]: No malicious patterns, remote code execution, or credential harvesting were found. The skill consists entirely of architectural documentation and interpretation logic.\n- [NO_CODE]: The skill does not contain any executable scripts (Python, JavaScript, etc.) and relies solely on markdown instructions.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted user input (vague development requests) to generate specifications. It lacks mechanisms to prevent the LLM from obeying instructions embedded within those requests.\n
- Ingestion points: User development requests processed in the Interpretation Workflow (SKILL.md).\n
- Boundary markers: Absent; no delimiters or instructions to ignore embedded commands are specified.\n
- Capability inventory: None. No scripts or subprocess calls are included in this skill.\n
- Sanitization: Absent; the skill does not provide methods for validating or escaping external user input.
Audit Metadata