oc-cut-proposer
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted transcript and analysis data from external JSON files, creating a surface for indirect prompt injection attacks where malicious text in a transcript might attempt to influence the agent's logic.
- Ingestion points: Reads
<PROJECT>/transcript.jsonand<PROJECT>/analysis.jsonas specified inSKILL.md. - Boundary markers: The instructions do not define clear delimiters or escaping mechanisms to isolate the untrusted transcript text from the system instructions.
- Capability inventory: The skill has access to
BashandReadtools, though it is explicitly instructed not to call external rendering tools likeoc cut. - Sanitization: There is no evidence of input validation or content filtering for the processed transcripts.
Audit Metadata