Copilot Objection
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the processing of untrusted data from inputs and external searches.
- Ingestion points: The 'objection_text' input field (provided by prospects), CRM deal/contact records, and meeting transcripts retrieved via RAG.
- Boundary markers: The instructions do not define explicit delimiters or 'ignore' instructions for the interpolated data used in the response synthesis phase.
- Capability inventory: The skill utilizes 'execute_action' for CRM data access and 'executeWebSearch' for external intelligence gathering.
- Sanitization: There is no evidence of sanitization, escaping, or validation of the untrusted prospect text before it is used to generate the suggested response.
- [EXTERNAL_DOWNLOADS]: The skill uses the 'executeWebSearch' capability to retrieve competitor claims, industry benchmarks, and proof points. This involves downloading and processing content from untrusted external domains as a core function of the skill.
Audit Metadata