conducting-customer-research
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [No Code] (SAFE): The skill consists entirely of Markdown documentation. No scripts (.py, .js, .sh), binaries, or configuration files that execute commands were found in the skill package.
- [Indirect Prompt Injection] (SAFE): The workflow describes ingesting untrusted data such as community forum discussions and customer reviews (found in workflow.md). While this creates a surface for indirect prompt injection, the lack of associated executable code or automated system capabilities within the skill makes functional exploitation impossible.
- [Data Exposure] (SAFE): The workflow mentions handling sensitive CRM data and customer information. However, the skill only defines a process for humans or agents to follow and does not include any automated exfiltration mechanisms, hardcoded credentials, or unauthorized access patterns.
Audit Metadata