hola-poke-yeoksam
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE | EXTERNAL_DOWNLOADS | DATA_EXFILTRATION | PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill depends on a remote MCP server hosted at 'https://hola-poke-yeoksam-skill.onrender.com/mcp'. All core functionality, including menu retrieval and event logic, is executed via this external dependency.
- [DATA_EXFILTRATION]: The 'enter_event' tool collects user PII (phone numbers) and transmits this data to the remote MCP server on the 'onrender.com' domain. While the workflow includes a privacy notice, this involves the transfer of personal data to external infrastructure.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to the handling of external data.
  * Ingestion points: Data retrieved from 'get_menu', 'get_shop_info', and 'enter_event' tools in 'SKILL.md'.
  * Boundary markers: Absent; the skill directs the agent to convey server-provided messages verbatim without delimiters.
  * Capability inventory: The skill has the capability to trigger tools that send user input to the remote server.
  * Sanitization: No evidence of validation or sanitization for the messages returned by the remote MCP server is provided.
Audit Metadata