saas-business-logic-analyst
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill is designed to analyze untrusted external code and logic but lacks security boundaries.
- Ingestion points: Phase 3 of the workflow in
SKILL.mdand various triggers for code analysis (e.g., 'audit business logic', 'SaaS code review'). - Boundary markers: Absent; the skill does not instruct the agent on how to separate user-provided code from its own analysis instructions.
- Capability inventory: High-stakes decision support regarding financial invariants (billing, proration, refunds) and data security (multi-tenant isolation).
- Sanitization: Absent; no logic for sanitizing or escaping external code is provided.
Recommendations
- AI detected serious security threats
Audit Metadata