deal-risk-scoring
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): The skill contains no instructions to override system behavior, bypass safety filters, or extract system prompts.
- Data Exposure & Exfiltration (SAFE): No patterns related to credential harvesting, sensitive file access, or network exfiltration were identified.
- Indirect Prompt Injection (LOW): The skill is designed to process untrusted business data provided by the user. 1. Ingestion points: Deal metadata and activity logs in the 'How to Use' template. 2. Boundary markers: No explicit delimiters are mandated for the input data. 3. Capability inventory: The skill consists only of text-based logic and lacks capabilities for file modification, command execution, or network communication. 4. Sanitization: None identified. The risk is limited to influencing the agent's internal reasoning for the specific report.
- Malicious Code (SAFE): No obfuscation, persistence mechanisms, or dynamic execution techniques were detected. The skill is purely markdown-based.
Audit Metadata