compliance-officer

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (NO_CODE, PROMPT_INJECTION, DATA_EXFILTRATION)
Full Analysis
  • [NO_CODE] (LOW): The skill defines an interface and purpose but provides no functional scripts or implementation logic.
  • [PROMPT_INJECTION] (HIGH): High risk of Indirect Prompt Injection.
      • Ingestion points: Project directory (dir) containing source code, Infrastructure-as-Code (IaC), and log files (File: SKILL.md).
      • Boundary markers: Absent; the skill description does not define delimiters to separate audit data from potential embedded instructions.
      • Capability inventory: Accesses high-sensitivity system configurations and writes summary reports to user-specified paths.
      • Sanitization: Absent; the skill treats processed logs and code as authoritative input for compliance scoring.
  • [DATA_EXFILTRATION] (HIGH): The skill description explicitly states it collects and packages sensitive 'IAM roles' and 'encryption settings'. Accessing these configurations constitutes high-severity data exposure (Category 2), which is particularly dangerous when combined with the lack of input sanitization mentioned in the prompt injection analysis.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 12:33 PM