tahr-map-attack-surface

Pass

Audited by Gen Agent Trust Hub on Jul 15, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external data such as source code, API specifications, and network traffic captures, creating an attack surface for indirect prompt injection where malicious instructions embedded in these materials could attempt to manipulate agent behavior. • Ingestion points: Processes repository roots, specifications (OpenAPI, GraphQL), and traffic captures as described in SKILL.md. • Boundary markers: No explicit delimiters are defined to separate analyzed content from the agent's instructions. • Capability inventory: The skill is strictly instructional and contains no executable scripts or custom tools for execution or network access. • Sanitization: SKILL.md and surface-inventory.md include mandatory instructions to redact passwords, tokens, and PII from all outputs.
  • [NO_CODE]: The skill consists exclusively of markdown instructions and YAML configuration files, with no executable scripts, binaries, or automated tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 15, 2026, 02:59 PM