Skills
skills/happy-technologies-llc/happy-platform-skills/csm-sentiment-analysis/Gen Agent Trust Hub

csm-sentiment-analysis

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) as it ingests and processes untrusted data from external sources.
  • Ingestion points: Customer communications are retrieved from sys_journal_field (Step 2), sys_email (Step 3), and interaction_entry (Step 4) in SKILL.md.
  • Boundary markers: There are no explicit boundary markers or instructions to the model to ignore potential commands embedded within the customer-provided text during the analysis phase in Step 7.
  • Capability inventory: The skill utilizes ServiceNow tools (SN-Query-Table, SN-Read-Record) and has access to a Bash environment as specified in the frontmatter.
  • Sanitization: The instructions do not specify any sanitization, filtering, or escaping of the retrieved customer text before it is analyzed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 04:35 PM