strategy-expert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- Indirect Prompt Injection (LOW): The skill analyzes external data from analytics platforms, competitor content, and bookmarked research.
- Ingestion points: Analytics platforms (Capability 1), competitor accounts (Capability 2), and bookmarks (Capability 4).
- Boundary markers: Absent; the skill lacks instructions for delimiters or warnings to ignore embedded commands.
- Capability inventory: The agent scans the codebase and interacts with external content management and publishing platforms.
- Sanitization: Absent; no input validation or filtering of external data is defined.
- Data Exposure & Exfiltration (LOW): The skill directs the agent to 'scan codebase' and documentation for 'integrations' and 'architecture', which creates a risk of exposing sensitive configuration files or hardcoded credentials located within the project directory.
Audit Metadata