openydt-data
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the 'openydt' CLI tool to perform analytical queries. This tool is defined as a required binary in the skill's metadata and its use is consistent with the skill's purpose of parking data management.
- [PROMPT_INJECTION]: The skill contains instructional markers (e.g., 'CRITICAL') to emphasize operational requirements, such as reading shared base instructions. These are legitimate workflow guidelines and do not attempt to bypass safety filters or override agent constraints.
- [INDIRECT_PROMPT_INJECTION]: The skill processes parking lot identifiers (parkCodes) and command outputs to generate reports. While this creates a data ingestion surface, the risk is minimal as the operations are confined to structured analytical queries.
- Ingestion points: Data enters through arguments like '--park-code' and '--body' which are populated from user input or previous command responses.
- Boundary markers: No specific delimiters or boundary markers are defined in the instructions for isolating external data.
- Capability inventory: Capabilities are restricted to executing the 'openydt' CLI tool for data retrieval.
- Sanitization: There is no explicit sanitization or validation of external identifiers described in the markdown.
Audit Metadata