sales-engineer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE | PROMPT_INJECTION | NO_CODE
Full Analysis
- [Prompt Injection] (LOW): The skill processes untrusted RFP/RFI data, creating a surface for indirect prompt injection attacks.
  - Ingestion points: Requirement descriptions in assets/sample_rfp_data.json.
  - Boundary markers: No delimiters or instructions to ignore embedded commands are present in the provided templates.
  - Capability inventory: The skill references Python scripts for scoring and analysis which process this data.
  - Sanitization: No input sanitization or validation of the processed text is evident in the documentation or data structures.
- [No Code] (SAFE): No executable code files (e.g., .py, .js) were provided in the skill package. It consists entirely of markdown documentation, JSON samples, and document templates.
Audit Metadata