prd-draft
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted user input (e.g., customer_evidence, technical_context) and interpolates it directly into a prompt template using double-curly braces (e.g., {{customer_evidence}}).
  - Ingestion points: Inputs for customer evidence, analytics signals, and technical context in SKILL.md.
  - Boundary markers: Absent; user inputs are placed directly into the template without delimiters.
  - Capability inventory: None detected; the skill only generates text output and does not invoke subprocesses, network calls, or file writes.
  - Sanitization: Absent; input is used as-provided.
- [Remote Code Execution] (SAFE): No patterns for remote code execution (e.g., curl | bash) were detected.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or access to sensitive system paths (e.g., ~/.ssh) were found.
Audit Metadata