Skills
skills/inference-sh/agent-skills/customer-persona/Gen Agent Trust Hub

customer-persona

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the infsh CLI tool via Bash to authenticate users and run research and generation applications.
  • [EXTERNAL_DOWNLOADS]: Recommends installing additional skills from the inference-sh/skills repository. These are official resources provided by the vendor.
  • [PROMPT_INJECTION]: Surface for indirect prompt injection (Category 8) through web research integration.
  • Ingestion points: Market data and user research results fetched via tavily/search-assistant and exa/search (SKILL.md).
  • Boundary markers: The skill does not provide clear delimiters or instructions to ignore embedded commands in the processed search data.
  • Capability inventory: The agent has Bash execution capabilities via infsh (SKILL.md).
  • Sanitization: No explicit sanitization of external content is mentioned before it enters the prompt context.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 10:42 PM