referral-request-timing
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill describes a mechanism for sales bots to process untrusted customer feedback and testimonials to trigger referral requests. This creates an indirect prompt injection vulnerability where a malicious user could embed commands within their feedback to manipulate the bot's output or actions.
- Ingestion points: Customer feedback, NPS comments, and testimonials described in
SKILL.md. - Boundary markers: No delimiters or instructions to ignore embedded commands are present in the provided message templates.
- Capability inventory: The logic includes functions for user notifications (
notify_referrer), credit applications (apply_credit), and message generation (generate_referral_ask). - Sanitization: No sanitization or validation of external feedback content is specified in the implementation logic.
Audit Metadata