sales-ai-assistant
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill templates in references/analytics.md and references/strategy.md interpolate raw external data directly into prompts. This creates a risk of indirect prompt injection. Evidence: 1. Ingestion points: Data variables like [交易数据] and [账户列表] in reference files. 2. Boundary markers: Absent; no delimiters or ignore-instructions are used. 3. Capability inventory: Data analysis, report generation, and suggested web search capabilities. 4. Sanitization: No input validation or escaping is present.
Audit Metadata