consulting-analysis
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill is implemented entirely in Markdown and provides instructions for the AI agent to follow. It does not contain any Python code, Node.js packages, or shell scripts.
- [PROMPT_INJECTION]: The skill describes a process that ingests external data summaries and search results, creating a surface for indirect prompt injection.
- Ingestion points: Phase 2 takes external inputs such as 'Data Summary' and 'External Search Findings' from other agents (e.g., deep-research).
- Boundary markers: There are no explicit instructions to use delimiters or ignore instructions embedded within the processed data.
- Capability inventory: This skill is focused on text and report generation; it does not have capabilities for command execution, file system modification, or outbound network calls.
- Sanitization: No sanitization or validation logic is defined for the external data before it is integrated into the narrative report.
Audit Metadata