ciso
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting untrusted external data (Phase 1) and using it to influence multi-step orchestration chains and delegation decisions (Phase 4).
  - Ingestion points: Phase 1 of SKILL.md requires external inputs such as organization profiles, asset inventories, and prior incident reports.
  - Boundary markers: Absent. The skill does not provide the agent with specific delimiters or instructions to ignore potential commands embedded within the organizational data.
  - Capability inventory: None. The skill does not contain any executable code, scripts, or tool definitions that could be leveraged for system-level actions.
  - Sanitization: Partial. While no technical sanitization is implemented, the skill includes a principle requiring human oversight for AI-driven actions on production systems.
- [NO_CODE]: The skill consists entirely of Markdown-based roles, workflows, and reference templates. No Python, Node.js, or shell scripts are included.
Audit Metadata