customer-journey-mapping-workshop
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill includes a potential surface for indirect prompt injection. Evidence Chain: 1. Ingestion points: The agent asks the user to paste customer research, discovery notes, and product context in 'Step 0: Gather Context'. 2. Boundary markers: The prompt template does not provide delimiters (like XML tags) or instructions to treat the ingested data as untrusted. 3. Capability inventory: The skill uses interactive text generation and session facilitation based on user-provided data. 4. Sanitization: No sanitization or validation of the input text is defined.
- [NO_CODE]: The analyzed file is composed entirely of markdown instructions and YAML metadata. It contains no executable scripts, binaries, or definitions for automated system tools.
Audit Metadata