gips-compliance
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to process and analyze financial performance data, which often originates from untrusted external sources (e.g., firm reports, client portfolios). This creates a risk of indirect prompt injection, where malicious instructions hidden in data could manipulate the agent.
- Ingestion points: Performance data, composite definitions, and compliance documents processed during tasks like 'reviewing composites' or 'calculating returns' (SKILL.md).
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are provided for data ingestion.
- Capability inventory: The skill allows access to high-privilege tools including 'Bash', 'Write', and 'Edit' (SKILL.md).
- Sanitization: The skill lacks defined validation or sanitization procedures for data extracted from external documents before it is used in prompt contexts or tool execution.
Audit Metadata