reducing-cac
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious instructions, obfuscation, or unauthorized behaviors were detected. The skill's operations align with its stated business purpose.\n- [COMMAND_EXECUTION]: The skill utilizes the bun runtime to execute specific local scripts (tools/clis/stripe.ts and tools/clis/ga4.ts) to retrieve metrics. These commands are constrained to read-only data operations and serve as fallbacks for data ingestion.\n- [DATA_EXFILTRATION]: The skill accesses sensitive financial and CRM data from Stripe, HubSpot, and GA4 to perform its analysis. This access is appropriate for the skill's objective and does not involve unauthorized data transmission or external exfiltration to untrusted domains.\n- [PROMPT_INJECTION]:\n
- Ingestion points: External data is retrieved from Stripe (MRR, churn), GA4 (traffic sessions), and HubSpot (CRM deals) as defined in workflow-spec.yaml.\n
- Boundary markers: No explicit delimiters or 'ignore' instructions are documented in the workflow for handling the isolation of external data.\n
- Capability inventory: The skill possesses command execution capabilities using the bun runtime for executing local data retrieval tools.\n
- Sanitization: There are no documented sanitization or escaping protocols for external data ingested into the agent context before it is processed.
Audit Metadata