raffle-winner-picker
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection.
- Ingestion points: The skill is designed to process content from external sources including Google Sheets (via URL), local CSV/Excel files (e.g.,
entries.csv), and plain text lists provided by users. - Boundary markers: There are no defined delimiters or instructions to the agent to disregard potential commands embedded within the prize or participant data contained in those files.
- Capability inventory: The skill utilizes the agent's ability to read local file systems and access external web content to process the participant lists.
- Sanitization: The instructions do not include any verification or sanitization steps for the ingested data before it is processed or displayed.
- [NO_CODE]: The skill consists entirely of markdown instructions and examples, with no accompanying scripts or executable files.
Audit Metadata