juma-client-context
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's workflow creates an ingestion surface for indirect prompt injection.\n
- Ingestion points: In SKILL.md, Step 2 of the process instructs the agent to research external sources including client websites, social media profiles, and competitor websites.\n
- Boundary markers: The instructions do not provide delimiters or specific markers to distinguish between the skill's instructions and untrusted content retrieved from external sources, nor do they instruct the agent to ignore instructions embedded in those sources.\n
- Capability inventory: The skill's primary function is generating a structured profile document. While the provided files do not include script execution or file-system writing capabilities, the generated profile serves as the critical context for all other skills in the vendor's suite, meaning malicious influence could propagate through the entire workflow.\n
- Sanitization: There are no instructions for sanitizing, escaping, or validating the content retrieved from external research before it is incorporated into the profile.
Audit Metadata