cro-methodology
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): The methodology instructs the agent to process untrusted external content (surveys, chat logs, support tickets) in Step 3c. Evidence: 1. Ingestion points: Step 3c (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Reasoning/Instructional only. 4. Sanitization: Absent.
- [NO_CODE] (INFO): The file consists entirely of descriptive text without executable scripts, system commands, or external package dependencies.
- [DATA_EXFILTRATION] (SAFE): No network operations or file system access patterns were detected.
- [CREDENTIALS_UNSAFE] (SAFE): No hardcoded secrets or API keys are present in the documentation.
Audit Metadata