customer-research
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection Surface: The skill methodology involves aggregating and synthesizing data from untrusted sources, including community forums, web searches, and email history. This represents a potential surface for indirect prompt injection, where malicious instructions within processed data could influence the agent's output. The skill effectively addresses this by providing a structured framework for confidence levels and source prioritization.
- Ingestion points: Identified in SKILL.md under Tier 3 (Team Communications) and Tier 4 (External Sources).
- Boundary markers: The skill requires structured synthesis with explicit confidence labels and citations, which helps contextualize external information.
- Capability inventory: The skill leverages the agent's ability to read and analyze various connected data sources.
- Sanitization: While the skill provides a framework for evaluating source reliability, specific technical sanitization of external content is not explicitly detailed.
Audit Metadata