simulation-platform-engineer
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it is designed to ingest and parse external data sources like Waymo logs and OpenSCENARIO XML files. Evidence: (1) Ingestion points: Data enters via log loading in 'references/pitfalls.md'. (2) Boundary markers: No explicit instructions telling the agent to ignore instructions embedded in external data. (3) Capability inventory: Subprocess and Kubernetes command usage. (4) Sanitization: No input validation for external content.
- [COMMAND_EXECUTION]: The skill provides numerous examples of shell commands for simulation management and uses Python's subprocess module to manage local simulation processes.
Audit Metadata