expansion-revenue-finder
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions direct the agent to use the Bash tool to execute Grep and Glob operations on the filesystem to search for account data files.
- [DATA_EXFILTRATION]: The skill is designed to systematically discover, read, and aggregate sensitive business information, including ARR, MRR, billing terms, and customer contact data. While it writes the output to a local file, the harvesting of this sensitive financial data represents an exposure risk.
- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection through the ingestion of untrusted external data.
  - Ingestion points: Reads files in various formats including *.csv, *.json, *.md, *.txt, *.xlsx, and *.tsv from the working directory and user-specified paths.
  - Boundary markers: The instructions do not define any delimiters or provide warnings to ignore instructions embedded within the account data.
  - Capability inventory: The agent has access to Read, Write, and Bash tools, which are utilized during the processing of this untrusted data.
  - Sanitization: There is no mention of sanitization or validation of the ingested file contents before they are processed by the agent.
Audit Metadata