Lead Qualification
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill identifies a potential surface for indirect prompt injection through its integration with spreadsheet tools. 1. Ingestion points: Data is ingested from Excel spreadsheets using the read_xlsx and analyze_spreadsheet tools mentioned in the mcp configuration. 2. Boundary markers: The skill's templates do not include explicit delimiters or instructions to treat data from the spreadsheet as untrusted or to ignore embedded instructions. 3. Capability inventory: The skill includes tool definitions for reading and creating Excel files on the local environment. 4. Sanitization: There is no evidence of input validation or sanitization for the content processed from external files.
- [NO_CODE]: This skill is entirely descriptive, containing only metadata and markdown templates without any referenced scripts, executables, or code files.
Audit Metadata