customer-story-builder
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) due to its processing of untrusted external content.
- Ingestion points: The skill ingests raw customer signals from external sources such as interview transcripts, Slack quotes, and support tickets (SKILL.md).
- Boundary markers: The instructions do not include boundary markers or explicit prompts to ignore embedded instructions within the ingested data.
- Capability inventory: The skill is instructed to write output files to the local filesystem under the 'clients/' directory (SKILL.md Phase 4).
- Sanitization: No validation or sanitization is performed on the incoming customer data before it is used to generate content or saved to the disk.
Audit Metadata