corporate_spy
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill processes external PDF files from corporate announcements, which could contain instructions intended to manipulate the agent's summarization or behavior. Ingestion points: PDF filings downloaded from NSE/BSE exchange websites. Boundary markers: None specified in documentation. Capability inventory: Network requests (scraping/downloading) and text summarization. Sanitization: No content validation or sanitization described.
- [NO_CODE] (SAFE): No executable scripts or implementation code were provided for analysis. The evaluation is based solely on the description in the SKILL.md file.
Audit Metadata