customer-persona

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from external search engines. Malicious content within search results could influence the agent's persona generation or behavior.
    • Ingestion points: Results returned by tavily/search-assistant and exa/search.
    • Boundary markers: No clear delimiters or instructions to ignore embedded commands are present when processing search data.
    • Capability inventory: The agent has access to the Bash tool to run infsh commands.
    • Sanitization: There is no evidence of validation or sanitization of the data retrieved from external tools before it is used by the agent.
  • [COMMAND_EXECUTION]: Utilizes the infsh CLI via the Bash tool to conduct market research and generate images. These commands are integral to the skill's primary function.
  • [EXTERNAL_DOWNLOADS]: Directs users to install the infsh CLI and add additional skills from the inference-sh GitHub repository. These are documented as official vendor resources.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 2, 2026, 09:05 PM