Customer Success Engine
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is vulnerable to indirect prompt injection because it ingests untrusted user data to perform health scoring and analysis.
- Ingestion points: The README.md file specifies commands like 'Score [account name]' and 'Churn risk for [account]' where user-provided strings are interpolated into agent prompts.
- Boundary markers: Absent; there are no delimiters (like XML tags or triple quotes) or specific 'ignore embedded instructions' warnings visible in the provided methodology.
- Capability inventory: Low risk as no executable scripts (.sh, .py, .js), subprocess calls, or file-write capabilities are included in the analyzed files.
- Sanitization: Absent; no logic is provided to escape or validate account names before they are processed by the agent.
Audit Metadata