customs-trade-compliance
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection by processing external, untrusted technical data and supplier responses for document generation. * Ingestion points: Detailed technical profiles in decision-frameworks.md and the supplier questionnaire in communication-templates.md (Template 7). * Boundary markers: There are no delimiters or 'ignore embedded instructions' markers used when interpolating external data into prompts or templates. * Capability inventory: The skill is designed to produce formal legal and regulatory filings, including Commercial Invoices, Binding Ruling Requests, and Prior Disclosure filings with customs authorities. * Sanitization: No evidence of validation or sanitization of external product descriptions or manufacturing details is present.
- [NO_CODE]: The skill is composed exclusively of Markdown documentation and reference frameworks, containing no executable code, scripts, or installation commands.
Audit Metadata