interswitch-customer-insights
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes data from external API responses without applying sanitization or boundary markers.
- Ingestion points: Sensitive data is ingested via
DemographicsResponse,FinancialHistoryResponse, andFinancialHabitsResponseobjects as defined inSKILL.md. - Boundary markers: No delimiters or safety instructions are present to prevent the agent from obeying instructions potentially embedded in fields like transaction descriptions or category names.
- Capability inventory: The skill performs network requests (
fetch) to retrieve PII and financial records, which are subsequently used in critical decision-making flows like KYC and risk profiling. - Sanitization: The provided TypeScript code snippets lack any form of input validation or content filtering for the data returned by the API endpoints.
- [SAFE]: The skill follows recommended security patterns by utilizing environment variables (
INTERSWITCH_BASE_URL) for API base URLs and referencing an abstracted authentication method (getAuthHeaders), which avoids hardcoded sensitive credentials.
Audit Metadata