train
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection.
- Ingestion points: It fetches content from the GTM library and conversation findings using tools like
list_findings,get_event_detail,search_knowledge_base, andget_playbook(File: SKILL.md). - Boundary markers: The instructions do not define clear delimiters or "ignore instructions" warnings when interpolating fetched data into the role-play or quiz prompts.
- Capability inventory: The agent has access to various library management tools and can generate content based on fetched data.
- Sanitization: There is no evidence of sanitization or validation of the content retrieved from the external data sources before it is presented or used to drive the agent's behavior.
Audit Metadata