qbr-deck-builder
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of instructions and markdown templates for organizing customer data. It does not contain any executable scripts, shell commands, or obfuscated code.- [DATA_EXPOSURE]: The skill is designed to process sensitive business information such as MRR/ARR, customer goals, and ROI metrics. It instructs the agent to save this data to a local file path (
clients/<client-name>/...). This is standard functionality for the stated purpose and does not involve unauthorized access or exfiltration.- [PROMPT_INJECTION]: The skill incorporates untrusted external data into its output templates, creating a surface for indirect prompt injection. - Ingestion points: Customer NPS verbatim comments, support history, and customer goals (SKILL.md, Phase 0).
- Boundary markers: Absent. Untrusted strings are interpolated directly into slide templates (e.g., Slide 4 and Slide 8).
- Capability inventory: File system write access (Phase 3).
- Sanitization: None specified. The skill assumes inputs are purely textual and non-instructional.
Audit Metadata