juicebox-core-workflow-b

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes external candidate profile data, creating a surface for potential indirect prompt injection.
  • Ingestion points: Data is retrieved from the Juicebox API via the JuiceboxService.getProfile method.
  • Boundary markers: No delimiters or safety instructions are present in the provided TypeScript implementation to separate ingested data from instructions.
  • Capability inventory: The skill is authorized to use Write, Edit, and Bash tools.
  • Sanitization: No validation or sanitization of the fetched profile content is performed in the enrichment service.
  • This surface is considered safe as it is inherent to the core functionality of candidate data enrichment and the skill provides a template rather than an executable script.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 11:57 AM