clay-policy-guardrails
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides comprehensive logic for security and cost controls, including credit spending limits, PII data filtering, and data retention policies. It promotes security best practices by suggesting pre-validation and access controls for data enrichment pipelines.
- [PROMPT_INJECTION]: The skill defines functions that process untrusted external data (enrichment rows) for validation, which constitutes an indirect prompt injection surface. While the current logic is defensive, processing attacker-controlled data always carries a risk if that data is subsequently interpolated into LLM prompts without sanitization.
  - Ingestion points: `validate_rows_for_enrichment` function in `SKILL.md`.
  - Boundary markers: Absent.
  - Capability inventory: The skill utilizes file system access (Read, Write, Edit) and shell execution capabilities (Bash).
  - Sanitization: The provided code implements basic regex validation for emails and string length checks for domains, which helps mitigate accidental data issues but may not prevent sophisticated injection attacks.
Audit Metadata