demand-supply-matching

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes structured supply and demand data to perform calculations and optimization, which presents a surface for indirect prompt injection. However, the skill's capabilities are restricted to numerical processing without network or filesystem access.
  • Ingestion points: Data inputs for the ATPEngine and OptimizedAllocation classes in SKILL.md.
  • Boundary markers: No explicit instructions to ignore embedded commands are present in the processing logic.
  • Capability inventory: Calculations and optimizations using pandas, numpy, and scipy. No execution of arbitrary system commands or network requests.
  • Sanitization: The code performs data type handling via pandas and numpy but does not explicitly sanitize for natural language instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 08:19 PM