Ecommerce CFO
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE (PROMPT_INJECTION, NO_CODE)
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted financial data from external APIs and Google Sheets, presenting a surface for indirect prompt injection (Category 8).
  - Ingestion points: Ingestion sources include Amazon SP-API, Shopify API, Google Sheets, and accounting software (Xero/QBO) as described in SKILL.md.
  - Boundary markers: No explicit delimiters or boundary markers are defined to isolate external data from system instructions.
  - Capability inventory: The agent performs data analysis and Q&A; it lacks subprocess execution or file-write capabilities.
  - Sanitization: No input validation or sanitization mechanisms are specified for the external data.
- [NO_CODE]: No executable code was found. The repository is composed of Markdown files providing framework instructions and benchmarks.
Audit Metadata