customer-persona

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the infsh CLI tool via the Bash tool to perform various tasks including target market research and image generation through specified applications like tavily/search-assistant and falai/flux-dev-lora.
  • [EXTERNAL_DOWNLOADS]: The skill references an external markdown file on the vendor's GitHub repository (inference-sh/skills) containing installation instructions for their CLI tool.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests and processes data from external search engines.
      • Ingestion points: External content is retrieved via tavily/search-assistant, exa/search, and exa/answer apps as shown in SKILL.md.
      • Boundary markers: No explicit delimiter or "ignore instructions" markers are used in the prompt templates.
      • Capability inventory: The skill has the capability to execute system commands via the Bash tool (specifically the infsh CLI).
      • Sanitization: There is no evidence of output sanitization or filtering for the data returned by the search apps.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 08:37 AM