ds-channel-report
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands to read context files and run local Python scripts. The Bash environment is constrained by the skill's configuration to only allow specific utility scripts.\n- [PROMPT_INJECTION]: The skill processes untrusted data from marketing platforms and manual user uploads, which constitutes an indirect prompt injection surface.\n
- Ingestion points: Marketing data from GA4, Search Console, Ads platforms, and manual CSV/TSV/JSON uploads in Step 2.\n
- Boundary markers: Absent; data is processed and incorporated into the report without delimiters or safety instructions.\n
- Capability inventory: Restricted Bash execution for data utilities and local file reading.\n
- Sanitization: No evidence of sanitization or validation of the input data to filter out potential malicious instructions.
Audit Metadata