Lead Qualification
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from external spreadsheet files. * Ingestion points: Data enters the agent context through the
read_xlsxandanalyze_spreadsheettools defined in themcpsection ofSKILL.md. * Boundary markers: The skill templates do not utilize specific delimiters or 'ignore embedded instructions' warnings to isolate external data from the agent's logic. * Capability inventory: The skill possesses the capability to read from and write to the file system usingread_xlsxandcreate_xlsxtools. * Sanitization: There is no evidence of input validation, escaping, or filtering applied to the content retrieved from external spreadsheets before it is processed by the AI model.
Audit Metadata