category-trend-analyzer
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external transaction data which presents a surface for indirect prompt injection.
- Ingestion points: The skill reads 'transactions' and 'budget.json' as defined in the Input contract.
- Boundary markers: No delimiters or instructions are provided to distinguish data content from agent instructions.
- Capability inventory: The skill only performs calculation and aggregation, with no access to the filesystem, network, or shell.
- Sanitization: There is no validation or sanitization of string data like merchant names before processing.
Audit Metadata