forecast
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions found attempting to override agent behavior or bypass safety filters. Phrases like 'important' are used in a benign instructional context.- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive system paths, or unauthorized network operations detected. The skill's intended function is to analyze sales data provided by the user or through legitimate CRM connectors.- [Obfuscation] (SAFE): No encoded strings, zero-width characters, or homoglyphs identified. The Markdown and logic are transparent.- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external package installations or remote script executions (e.g., curl|bash) found.- [Indirect Prompt Injection] (SAFE): While the skill ingests external data from CSVs and CRM systems, it lacks high-risk downstream capabilities such as command execution or file-writing that would make such injection critical. Standard architectural surface exists but no malicious implementation is present.- [Persistence Mechanisms] (SAFE): No attempts to modify shell profiles, cron jobs, or system services detected.
Audit Metadata