Ops Enrichment Manager
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection vulnerability surface.
- Ingestion points: Untrusted data enters the context from Ops table columns and user-provided 'prompt' inputs.
- Boundary markers: The skill instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings when interpolating table data into enrichment tasks.
- Capability inventory: The skill leverages 'ops_tables' capabilities and the 'enrich_table_column' action, which allows the agent to modify table content.
- Sanitization: There is no evidence of sanitization, validation, or filtering of external content before it is processed by the AI.
Audit Metadata