customer-research
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [PROMPT_INJECTION] (SAFE): The skill contains no instructions to bypass safety filters, ignore previous rules, or extract system prompts. All instructions are focused on the task of customer research.
- [DATA_EXFILTRATION] (SAFE): No hardcoded credentials, API keys, or network exfiltration patterns were detected. The skill mentions internal sources like CRM and Email as categories of data to search, but does not provide specific paths or access methods.
- [REMOTE_CODE_EXECUTION] (SAFE): There are no executable scripts, external packages, or remote code download patterns included in the skill.
- [COMMAND_EXECUTION] (SAFE): No shell commands, system calls, or privilege escalation patterns were found.
- [Indirect Prompt Injection] (SAFE): The skill methodology involves processing data from external, untrusted sources (Tier 4: Web search, forums). While this creates an attack surface, the skill itself contains no code to perform these actions and provides defensive instructions such as 'synthesize and validate' and 'confidence-scored answers.'
- Ingestion points: Tier 4 sources (Web search, forums) mentioned in SKILL.md.
- Boundary markers: Absent.
- Capability inventory: None; the skill is documentation only.
- Sanitization: Absent, but the skill emphasizes source verification and confidence levels.
Audit Metadata