raffle-winner-picker
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, NO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill describes a workflow that ingests untrusted data from external sources.
- Ingestion points: External Google Sheets (via URL), local CSV files (entries.csv), and Excel spreadsheets (contest-entries.xlsx).
- Boundary markers: Absent. The instructions do not define delimiters or warnings to ignore instructions embedded within the spreadsheet data.
- Capability inventory: The agent is expected to read file contents and display data. While no code is provided, the agent's internal tools for file/URL reading would be the primary target.
- Sanitization: Absent. There is no mention of filtering or validating the content of the rows before processing.
- [Prompt Injection] (SAFE): No instructions to bypass safety filters or override system instructions were detected in the skill markdown.
- [Data Exposure & Exfiltration] (SAFE): The skill handles personal information (names, emails) as part of its primary purpose. No hardcoded credentials or unauthorized network exfiltration patterns were found.
- [Remote Code Execution] (SAFE): No executable code, shell commands, or remote script downloads are present. This is a documentation-only skill.