rfm-customer-segmentation
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests and processes user-supplied CSV files, which serves as a potential vector for indirect prompt injection. Malicious instructions embedded in the data could attempt to manipulate the agent's summaries or subsequent actions.
  - Ingestion points: External transaction data is loaded using `pd.read_csv` in `core_analysis.py`.
  - Boundary markers: The skill instructions in `SKILL.md` do not include explicit delimiters or safety prompts to ignore potential natural language instructions within the processed data.
  - Capability inventory: The skill is granted `Bash` execution and `Write` permissions to perform analysis and generate report files.
  - Sanitization: No explicit sanitization or filtering of the content within the CSV data is performed before the agent interprets the results.