advice-standards
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to process untrusted user queries regarding financial regulations and registration status, which serves as an ingestion point for potentially malicious instructions. This architectural pattern constitutes a surface for indirect prompt injection.\n
- Ingestion points: User queries about investment adviser registration requirements, product classification, and regulatory boundaries as described in the 'When to Use' section of SKILL.md.\n
- Boundary markers: The skill content lacks explicit delimiters or instructions for the agent to ignore embedded commands within user-provided text.\n
- Capability inventory: The skill frontmatter authorizes the use of powerful system tools including
Bash,Read,Write, andEdit.\n - Sanitization: There are no defined mechanisms or instructions for validating or sanitizing external user input before it is processed by the agent.
Audit Metadata