business-analyst
Fail
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: CRITICAL
Full Analysis
- [PROMPT_INJECTION]: The skill instructions are task-oriented and do not attempt safety filter bypasses. Data ingestion occurs through WebSearch and user interviews (ingestion points), which are managed using subagent prompts (boundary markers). The skill utilizes Bash and WebSearch (capability inventory). No explicit sanitization of external content was observed, but the workflow is inherently structured for analysis.\n- [COMMAND_EXECUTION]: Helper scripts (discovery-checklist.sh and validate-brief.sh) facilitate discovery and validation processes. These scripts use basic bash utilities to interact with users and local files in a secure manner.\n- [DATA_EXFILTRATION]: No sensitive file access or exfiltration behavior was detected. Network tools are used exclusively for their intended business research functions.\n- [SAFE]: No obfuscation, persistence mechanisms, or unauthorized privilege escalation attempts were found in the provided skill files.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata