voice-agent-prompt
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of documentation, architectural diagrams, and prompt templates for building voice-driven conversational agents. It contains no executable code, remote downloads, or credential exposure.
- [PROMPT_INJECTION]: The skill defines an architecture for an agent that processes untrusted voice input from customers, representing a surface for indirect prompt injection.
  - Ingestion points: Customer audio/text input ingested via Twilio SIP and LiveKit Room as described in the architecture diagram in SKILL.md.
  - Boundary markers: The provided system prompt templates do not include specific delimiters or boundary markers to isolate customer input from instructions.
  - Capability inventory: The agent has access to state-changing tools including submit_order, add_to_order, and book_appointment.
  - Sanitization: No input sanitization or validation logic is specified in the prompt documentation.
Audit Metadata