feature-intel

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill exposes a surface for indirect prompt injection: it ingests untrusted customer feedback data and interpolates it directly into an output template without protective delimiters.
    • Ingestion points: The fields support_tickets, gong_insights, community_feedback, and nps_verbatims in SKILL.md accept raw user/external data.
    • Boundary markers: Absent. The template places the raw input directly under markdown headers, with no XML-style tags or "ignore instructions" warnings to the LLM.
    • Capability inventory: None. The skill contains no scripts, network operations, or file system access, which significantly limits the impact of any potential injection.
    • Sanitization: None. The skill does not attempt to sanitize or validate the content of the feedback data before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 22, 2026, 04:09 PM