SPACE-experiment-designer
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted user input into a generated HTML document.
- Ingestion points: User-provided inputs such as experiment targets, proposed changes, and business constraints are processed through the workflow in SKILL.md.
- Boundary markers: None defined; the instructions do not provide delimiters or specific directives to ignore instructions that might be embedded within the user data.
- Capability inventory: The skill generates and saves a visualized HTML document using the assets/experiment-template.html template.
- Sanitization: There are no instructions for the agent to escape or sanitize user input before template interpolation, which could lead to cross-site scripting (XSS) if the generated report is rendered in a browser or manipulated by a downstream agent.
Audit Metadata