Skills
skills/faionfaion/faion-network/faion-business-analyst/Gen Agent Trust Hub

faion-business-analyst

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill possesses an indirect prompt injection attack surface through its automatic discovery of local artifacts.
  • Ingestion points: The SKILL.md orchestrator uses Glob patterns to automatically identify and Read existing requirements documents (requirements*.md), use cases (use-case*.md), and stakeholder maps from the user's workspace to gather context.
  • Boundary markers: The instructions lack boundary markers or explicit safety prompts to prevent the agent from executing instructions found within these external files.
  • Capability inventory: The agent has access to powerful tools including Write, Edit, and restricted Bash (ls), which could be misused if a malicious file successfully overrides the agent's instructions.
  • Sanitization: No sanitization or content validation is performed on the data ingested from the discovered markdown files.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:10 PM