Amazon
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE, PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill instructions involve the processing of untrusted external data, which creates a vulnerability surface for indirect prompt injection.
  - Ingestion points: The agent is instructed to aggregate and analyze Amazon product reviews and customer Q&A sections (buying.md).
  - Boundary markers: There are no specific delimiters or instructions provided to the agent to treat external content as data only or to ignore embedded instructions.
  - Capability inventory: The skill outlines high-impact capabilities including purchasing and reordering (buying.md), managing product listings and inventory (selling.md), and generating affiliate links (affiliates.md).
  - Sanitization: No sanitization, validation, or filtering of the external data is described in the skill's workflows.
- [NO_CODE]: This skill consists solely of Markdown files and JSON metadata. No executable scripts, binaries, or automated configuration files are present in the skill package, limiting its functionality to human-directed or LLM-interpreted instructions.
Audit Metadata