jobs-to-be-done
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided inputs about companies, products, or markets to perform JTBD analysis, which provides an attack surface for indirect prompt injection where malicious instructions could be embedded in the data.
- Ingestion points: User input strings for the 'analyze' trigger in SKILL.md.
- Boundary markers: Absent.
- Capability inventory: No file system, network, or subprocess capabilities were detected in the skill files.
- Sanitization: Absent.
- [DYNAMIC_EXECUTION]: The skill contains a Python function template (jtbd_opportunity_index) used to calculate opportunity scores, representing a pattern where code logic is generated and executed to process user-provided numerical data.
Audit Metadata