Skills
skills/sisodiabhumca/agent-skills/json-schema-drift-detector/Gen Agent Trust Hub

json-schema-drift-detector

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill performs localized JSON processing using only standard Python libraries (argparse, json, sys, copy). No malicious behavior or patterns were detected in the instruction files or the Python script.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted JSON data which serves as a potential surface for indirect prompt injection if the agent interprets strings from the schema as instructions.
  • Ingestion points: User-provided schema files are read by json_schema_drift_detector.py through the --old and --new arguments.
  • Boundary markers: The tool does not use specific delimiters to isolate schema content (like titles or descriptions) from the agent's instructions.
  • Capability inventory: The skill's capabilities are restricted to reading files and writing a JSON report to a local path. No network access, subprocess execution, or dynamic code evaluation is performed.
  • Sanitization: Standard json.load() is used for parsing, which treats inputs as data and does not evaluate semantic content.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 04:12 PM
Security Audit — agent-trust-hub — json-schema-drift-detector