customer-analysis
Pass
Audited by Gen Agent Trust Hub on Feb 13, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted user input (MVP theme/concept) to generate structured customer analysis reports.\n
- Ingestion points: User-provided MVP subject in SKILL.md.\n
- Boundary markers: Absent; no instructions exist to isolate the input data from the prompt logic.\n
- Capability inventory: File system write access to create define/고객분석.md.\n
- Sanitization: Absent; the skill does not define methods to filter or escape the input content.\n- [Data Exposure] (INFO): The skill directs the agent to write data to a specific local file path (define/고객분석.md). This is a legitimate function for a report generator but constitutes a file system interaction.
Audit Metadata