qbr-deck-builder
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted external data such as NPS/CSAT verbatim comments and customer goals to populate the slide deck content.
- Ingestion points: Phase 0 'Data Inputs' (usage data, support history, NPS comments, etc.).
- Boundary markers: None present; the skill does not use delimiters or explicit instructions to the agent to ignore potentially malicious instructions embedded in the customer data.
- Capability inventory: File system write access in Phase 3 to save the generated markdown files to the
clients/directory. - Sanitization: No evidence of sanitization or validation of external input before it is interpolated into the markdown templates.
Audit Metadata