tenant-setup
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill workflow is driven by reading external data from local files, which could influence the agent's actions if those files are compromised. 1. Ingestion points: specs/specs.md and specs/security-spec.md. 2. Boundary markers: Absent. 3. Capability inventory: High-level instructions to create tenant records, define roles, and seed baseline data. 4. Sanitization: Not specified in the workflow.
- [No Code] (SAFE): No executable files, scripts, or package manifests were found within the provided skill definition.
Audit Metadata