client-onboarding
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface via external data ingestion.
- Ingestion points: SKILL.md (Steps 1, 2, 3, 7) fetches content from company websites, LinkedIn profiles, and industry news.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the playbook.
- Capability inventory: SKILL.md instructions involve directory creation (clients/) and file writing for intelligence packages and strategies.
- Sanitization: No content sanitization before processing.
- [COMMAND_EXECUTION]: The playbook in SKILL.md directs the agent to create a directory hierarchy and write multiple markdown files locally under the clients/ folder.
- [EXTERNAL_DOWNLOADS]: SKILL.md utilizes web scraping tools and fetching capabilities to gather intelligence from various external domains, including LinkedIn and ad platforms.
Audit Metadata