ticket-triage
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs text classification and triage without any high-risk capabilities such as network access, file system manipulation, or command execution.
- [DATA_EXPOSURE]: The skill explicitly includes instructions to mask sensitive personal information (Social Security numbers, card numbers) found in tickets, which is a positive security practice.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted customer support ticket content. While it has an ingestion surface for potential injection, its actions are limited to classification and structured output, and it lacks tools that could be abused for exfiltration or system compromise.
- [INGESTION_POINTS]: Ticket content analyzed in Workflow Step 1 of SKILL.md.
- [BOUNDARY_MARKERS]: Absent. The instructions do not specify delimiters for the ticket text.
- [CAPABILITY_INVENTORY]: Calls to other skills (draft-response, kb-article) and shared agents (quality-evaluator, korean-tone-reviewer). No subprocess, network, or file system write access.
- [SANITIZATION]: Mentions masking sensitive data (PII/PCI) but does not specifically address instruction sanitization within tickets.
Audit Metadata