customer-centric-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill directs the agent to analyze external data sources which may be attacker-controlled, such as app reviews, support tickets, and user feedback. This constitutes a vulnerability surface for indirect prompt injection. \n
- Ingestion points: Identified in
rules/problem-discovery.md(support tickets, app store reviews),rules/qualitative-research.md(interview transcripts), andrules/iterative-improvement.md(user feedback loops). \n - Boundary markers: Absent. The instructions do not specify the use of delimiters or 'ignore instructions' warnings when processing this external data. \n
- Capability inventory: The skill itself is purely instructional and does not provide code, but it assumes the agent has capabilities to read files or fetch external data to perform the requested analysis. \n
- Sanitization: Absent. There are no guidelines provided for sanitizing or validating the content of user-provided feedback before processing.
Audit Metadata