mckinsey-consultant

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill includes a 'CRITICAL BEHAVIOR RULES' section in the SKILL.md file that contains strict instructions for the agent on how to respond to users. It mandates specific four-line responses and prohibits standard agent behaviors, such as asking clarifying questions or providing examples, during the initial handshake phase. While intended for UI consistency, this represents a deliberate override of default agent behavior.
  • [EXTERNAL_DOWNLOADS]: The workflow involves extensive data gathering (15-30 web searches per project) from various external online sources to populate business reports and Excel workbooks.
  • [DATA_EXFILTRATION]: The skill possesses a surface for indirect prompt injection because it ingests and processes untrusted data from the web and user-provided documents. There are no explicit instructions for the agent to sanitize or ignore potential instructions hidden within the data it reads before using that information to generate final report content.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 3, 2026, 02:56 AM