pricing-inquiry
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as its primary function is to process and respond to untrusted customer messages.
- Ingestion points: Customer inquiries provided as text input (evidenced in
references/canonical.mdandreferences/real-responses.md). - Boundary markers: The skill uses Markdown formatting within reference files to separate questions from answers, but does not implement runtime delimiters for user input.
- Capability inventory: The skill possesses no executable capabilities, tools, or system-level access, which significantly limits the potential impact of an injection attack.
- Sanitization: The
SKILL.mdfile definesforbidden_patternsin the YAML validation block to prevent the agent from outputting unauthorized price points or discount codes. - [NO_CODE]: No Python scripts, Node.js code, shell scripts, or binary files were found within the skill package. All logic is contained within Markdown documentation and YAML configuration.
Audit Metadata