sales-comp-plan-designer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
NO_CODE
Full Analysis
- Prompt Injection (SAFE): The skill contains standard instructional guidelines for a sales compensation expert role. No attempts to bypass safety filters, extract system prompts, or override core agent behavior were detected.
- Data Exposure & Exfiltration (SAFE): Analysis of the markdown content shows no references to sensitive file paths, environment variables, or hardcoded credentials. No network-capable commands (curl, wget, etc.) are included.
- Unverifiable Dependencies & RCE (SAFE): The skill does not define any Python or Node.js dependencies, nor does it include scripts that download or execute remote code.
- Indirect Prompt Injection (LOW): The skill is designed to ingest user-provided context about business goals and sales structures. While it lacks explicit boundary markers or sanitization for this untrusted input, the skill has no 'write' or 'execute' capabilities (shell access, file modification, or network requests), limiting any potential impact to the reasoning context of the current session.