SaaS Metrics Tracker
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [No Code] (SAFE): The skill consists entirely of Markdown text instructions and metadata. There are no executable scripts, binary files, or configuration files that could execute commands.
- [Prompt Injection] (SAFE): No instructions were found that attempt to bypass AI safety guardrails, reveal system prompts, or override agent behavior maliciously.
- [Data Exposure & Exfiltration] (SAFE): There are no commands or code patterns that access sensitive local files or perform network requests to external domains.
- [External Downloads & RCE] (SAFE): No external packages, remote scripts, or dynamic code execution patterns were identified.
- [Indirect Prompt Injection] (LOW): While the skill's purpose involves analyzing external business data, it lacks any automated data ingestion tools or code-based capabilities (write/execute), meaning it does not create a functional attack surface. Ingestion points: None; Boundary markers: Absent; Capability inventory: None; Sanitization: Absent.
Audit Metadata