woo-shipping

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill creates an indirect prompt injection risk surface by instructing the agent to fetch external data.
  • Ingestion points: External documentation URLs and web search results for WooCommerce implementation patterns mentioned in SKILL.md.
  • Boundary markers: The instructions do not define specific delimiters or security boundaries to isolate the fetched content from the agent's system instructions.
  • Capability inventory: The agent is authorized to use Bash, Write, and Edit tools, which increases the potential impact of a successful injection.
  • Sanitization: No explicit sanitization or verification steps are required for the retrieved web content before it is processed.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 07:33 AM
Security Audit — agent-trust-hub — woo-shipping