customerio-cost-tuning
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. 1. Ingestion points: Profile data in auditProfiles() and usage data in getUsageMetrics() (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Bash, Write, and Edit tools (SKILL.md). 4. Sanitization: Absent. Malicious content in tracked user profiles could potentially influence the agent when it processes these records.
- [COMMAND_EXECUTION]: Requests Bash capabilities with curl and gh access. These tools are leveraged for legitimate API and repository operations as described in the cost-tuning workflows.
- [SAFE]: No hardcoded credentials detected; the skill utilizes process.env for API keys.
Audit Metadata