competitive-intelligence-gathering
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill demonstrates an unsafe pattern for processing external data using an LLM. An attacker (prospect) could inject instructions into a conversation that override the extraction rules.\n
- Ingestion points: The
extract_intel_with_llmfunction inSKILL.mdaccepts untrusted conversation text.\n - Boundary markers: The prompt template in
SKILL.mdlacks clear delimiters (e.g., XML tags or triple backticks) to separate instructions from the{format_conversation(conversation)}data.\n - Capability inventory: The skill possesses the capability to write extracted data to a persistent database (
CompetitiveIntelDB), trigger alerts to internal teams (trigger_alert_if_needed), and modify internal battlecards (update_battlecard_from_intel).\n - Sanitization: No sanitization, escaping, or filtering of the input text is present in the illustrated code.
Audit Metadata