business-analyst
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
PROMPT_INJECTION NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection via external data ingestion.
  - Ingestion points: The instructions in SKILL.md specifically direct the agent to 'Review existing documentation, data sources, and stakeholder needs' and 'Query context manager for business objectives'.
  - Boundary markers: There are no boundary markers, delimiters, or explicit instructions provided to the agent to disregard or isolate embedded commands found within the processed external documents.
  - Capability inventory: The skill contains no active code execution capabilities, network operations, or file-writing scripts, which significantly mitigates the risk of an injection being escalated.
  - Sanitization: No input validation or content filtering mechanisms are defined for the data processed by the agent.
- [NO_CODE]: The skill is composed entirely of natural language prompt instructions and YAML metadata with no accompanying executable scripts or binary files.