brand-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill presents a vulnerability surface for indirect prompt injection as it is designed to interpolate untrusted data into reports. Ingestion points: The 'input' parameter in 'index.js' is intended to populate variables in 'assets/brand_analysis_report_template.md'. Boundary markers: No delimiters or safety instructions are present to prevent the agent from obeying instructions embedded in the brand data. Capability inventory: No dangerous capabilities such as network access, file system modifications, or command execution are implemented in 'index.js'. Sanitization: No validation or escaping of input data is performed.
Audit Metadata